XQuery/Changing Permissions on Collections and Resources

Motivation

You want to change permissions on a set of collections and resources.

Method

There are two functions we will use:

For collections:

  xmldb:chmod-collection($collection, $perm)

and for resources:

   xmldb:chmod-resource($collection, $resource, $perm)

The $perm is a decimal number.

As of 1.5 you can use the function xmldb:string-to-permissions("rwurwu---") to get this decimal number.

Sample to get decimal values for guest permissions

xquery version "1.0";
<results>
    <guest-none>{xmldb:string-to-permissions("rwxrwx---")}</guest-none>
    <guest-read>{xmldb:string-to-permissions("rwxrwxr--")}</guest-read>
    <guest-read-write>{xmldb:string-to-permissions("rwxrwxrw-")}</guest-read-write>
    <guest-all>{xmldb:string-to-permissions("rwxrwxrwx")}</guest-all>
</results>

Returns the following

<results>
   <guest-none>504</guest-none>
   <guest-read>508</guest-read>
   <guest-read-write>510</guest-read-write>
   <guest-all>511</guest-all>
</results>

Recursive Script to Remove All Guest Permissions

xquery version "1.0";

declare function local:chmod-collection($collection) {
   xmldb:chmod-collection(
      $collection,
      xmldb:string-to-permissions("rwxrwx---")),
     for $child in xmldb:get-child-collections($collection)
     return
       local:chmod-collection(concat($collection, "/", $child))
};

system:as-user(
   'my-login', 
   'password', 
   (
   local:chmod-collection("/db/collection"),
   for $doc in collection("/db/collection")
   return
       xmldb:chmod-resource(util:collection-name($doc),
       util:document-name($doc),
       xmldb:string-to-permissions("rwxrwx---"))
   )
)

Warning, this breaks several features. You must run many functions as non-guest.