forked from telic/exist-annotation-store
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathpost-install.xql
executable file
·36 lines (33 loc) · 1.01 KB
/
post-install.xql
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
xquery version "3.0";
import module namespace sm="http://exist-db.org/xquery/securitymanager";
(: the target collection into which the app is deployed :)
declare variable $target external;
(: generate a unique store ID for use as JWT 'audience' :)
let $id := doc($target||'/store-configuration.xml')/store-configuration/site-id
return
if ($id = '') then
update value $id with util:uuid()
else ()
,
(: create 'annotations' and 'issuers' collections :)
(: and limit access to them :)
(: note: removing 'x' privilege causes problems with REST for some reason... :)
for $dir in ('annotations', 'issuers')
return (
xmldb:create-collection($target, $dir),
sm:chmod(xs:anyURI($target||'/'||$dir), 'rwxr-x--x')
)
,
(: add setuid to all action xqueries :)
for $q in collection($target||'/actions')
return
sm:chmod(
xs:anyURI(util:collection-name($q)||'/'||util:document-name($q)),
'rwsr-xr-x'
)
,
(: also setuid auth.xqm :)
sm:chmod(
xs:anyURI($target||'/modules/auth.xqm'),
'rwsr-xr-x'
)