I’d like to update ino:acl/ino:ace/@ino:access from “read” to “change”. I used the following statement. However, I got the “Invalid doctype” error. Or there is any other way I can change ace. Please help.

declare namespace ino=“http://namespaces.softwareag.com/tamino/response2”
update
for $a in input()/ino:acl
where $a/@ino:aclname=“ACL2” and $a/ino:ace/@ino:access=“read”
do replace $a/ino:ace/@ino:access with attribute ino:access {“change”}

- <xq:result xmlns:xq=“http://namespaces.softwareag.com/tamino/XQuery/result”>
<ino:object ino:collection=“ino:security” ino:doctype=“ino:acl” ino:id=“2” />
</xq:result>
- <ino:message ino:returnvalue=“8551”>
<ino:messagetext ino:code=“INOXME8551”>Invalid doctype</ino:messagetext>
</ino:message>

Even though the ino:security collection behaves somewhat like a normal user collection, it is a system collection which has certain special restrictions. One of them is that currently it is not possible to do XQuery-Updates against the data in ino:security. You will need to use the old-fashioned way of using a process-update via re-using the ino:id to do an update on data in ino:security.

regards,
Heiko Weber

Is there any way I can build my own Security Manager GUI to create/update users and acl, ace (ino:user, ino:acl) other than use Tamino System Management Hub? Do you have any example can share with me?

As far as I know there is no other implementation available to administer users, groups, acls, and domains for current Tamino databases. There used to be an alternative Java-implementation for some old version of Tamino available as shareware.

However the structure of the documents in ino:security is fairly simple, so it should not be too hard to write your own security GUI via the Java or PHP API.

regards,
Heiko Weber