这与Can XSLT be improved further?。
相关联我有一个XML如下:
示例XML
<?xml version="1.0" encoding="UTF-8"?>
<Benchmark xmlns="http://checklists.nist.gov/xccdf/1.2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" id="xccdf_com.vmware.linux_benchmark_file-test" resolved="1" xml:lang="en-US">
<status date="2015-09-20">draft</status>
<title xmlns:xhtml="http://www.w3.org/1999/xhtml" xml:lang="en-US">Test content for file_test probe</title>
<description xmlns:xhtml="http://www.w3.org/1999/xhtml" xml:lang="en-US">File content for OVAL file file_test_content-oval.xml built on 2015-09-20T02:13:56</description>
<platform idref="cpe:/o:sles11:linux"/>
<version>v0.0</version>
<model system="urn:xccdf:scoring:default"/>
<Profile id="xccdf_com.vmware.linux_profile_test">
<status date="2015-09-20">draft</status>
<version update="1" time="2015-09-20T14:57:39.808+05:30">1.0</version>
<title xmlns:xhtml="http://www.w3.org/1999/xhtml" xml:lang="en-US">Test_Profile</title>
<description xmlns:xhtml="http://www.w3.org/1999/xhtml" xml:lang="en">This is a test profile to test file_test probe.</description>
<select idref="xccdf_com.vmware.linux_rule_test-def-3" selected="true"/>
<select idref="xccdf_com.vmware.linux_rule_test-def-2" selected="true"/>
<select idref="xccdf_com.vmware.linux_rule_test-def-1" selected="true"/>
</Profile>
<Group id="xccdf_com.vmware.linux_group_test" weight="1.000000">
<platform idref="cpe:/o:sles11:linux"/>
<Rule id="xccdf_com.vmware.linux_rule_test-def-3" selected="true" weight="1.000000" role="full" severity="unknown">
<title xmlns:xhtml="http://www.w3.org/1999/xhtml" xml:lang="en-US">Rule 3 - /etc/passwd file is group-owned by root</title>
<description xmlns:xhtml="http://www.w3.org/1999/xhtml" xml:lang="en-US">This rule verifies that /etc/passwd file is group-owned by root.</description>
<check system="http://oval.mitre.org/XMLSchema/oval-definitions-5">
<check-content-ref name="oval:com.vmware.test.linux:def:3" href="file_test_content-oval.xml"/>
</check>
</Rule>
<Rule id="xccdf_com.vmware.linux_rule_test-def-2" selected="true">
<title xmlns:xhtml="http://www.w3.org/1999/xhtml" xml:lang="en-US">Rule 2 - /etc/passwd file is owned by root</title>
<description xmlns:xhtml="http://www.w3.org/1999/xhtml" xml:lang="en-US">This rule verifies that /etc/passwd file is owned by root.</description>
<check system="http://oval.mitre.org/XMLSchema/oval-definitions-5">
<check-content-ref name="oval:com.vmware.test.linux:def:2" href="file_test_content-oval.xml"/>
</check>
</Rule>
<Rule id="xccdf_com.vmware.linux_rule_test-def-1" selected="true">
<title xmlns:xhtml="http://www.w3.org/1999/xhtml" xml:lang="en-US">Rule 1 - /etc/passwd file has permissions of 644 or more restrictive</title>
<description xmlns:xhtml="http://www.w3.org/1999/xhtml" xml:lang="en-US">This rule verifies that /etc/passwd file has permissions of 644 or more restrictive.</description>
<check system="http://oval.mitre.org/XMLSchema/oval-definitions-5">
<check-content-ref name="oval:com.vmware.test.linux:def:1" href="file_test_content-oval.xml"/>
</check>
</Rule>
</Group>
<TestResult id="xccdf_org.open-scap_testresult_xccdf_com.vmware.linux_profile_test" start-time="2016-08-17T13:38:29" end-time="2016-08-17T13:38:29" version="v0.0">
<benchmark href="/tmp/tmp.VnFIMSRKhw/input.xml" id="xccdf_com.vmware.linux_benchmark_file-test"/>
<title>OSCAP Scan Result</title>
<identity authenticated="false" privileged="false"/>
<profile idref="xccdf_com.vmware.linux_profile_test"/>
<target>vROPS_6-1</target>
<target-address>127.0.0.1</target-address>
<target-address>127.0.0.2</target-address>
<target-address>10.112.56.130</target-address>
<target-address>0:0:0:0:0:0:0:1</target-address>
<target-address>fe80:0:0:0:250:56ff:fe93:6159</target-address>
<target-address>0:0:0:0:0:0:0:10.112.56.130</target-address>
<target-address>0:0:0:0:0:0:0:127.0.0.2</target-address>
<target-address>0:0:0:0:0:0:0:127.0.0.1</target-address>
<target-facts>
<fact name="urn:xccdf:fact:scanner:name" type="string">OpenSCAP</fact>
<fact name="urn:xccdf:fact:scanner:version" type="string">1.2.5</fact>
<fact name="urn:xccdf:fact:ethernet:MAC" type="string">00:00:00:00:00:00</fact>
<fact name="urn:xccdf:fact:ethernet:MAC" type="string">00:00:00:00:00:00</fact>
<fact name="urn:xccdf:fact:ethernet:MAC" type="string">00:50:56:93:61:59</fact>
<fact name="urn:xccdf:fact:ethernet:MAC" type="string">00:00:00:00:00:00</fact>
<fact name="urn:xccdf:fact:ethernet:MAC" type="string">00:50:56:93:61:59</fact>
<fact name="urn:xccdf:fact:ethernet:MAC" type="string">00:00:00:00:00:00</fact>
<fact name="urn:xccdf:fact:ethernet:MAC" type="string">00:00:00:00:00:00</fact>
<fact name="urn:xccdf:fact:ethernet:MAC" type="string">00:00:00:00:00:00</fact>
</target-facts>
<platform idref="cpe:/o:sles11:linux"/>
<rule-result idref="xccdf_com.vmware.linux_rule_test-def-3" role="full" time="2016-08-17T13:38:29" severity="unknown" weight="1.000000">
<result>pass</result>
<check system="http://oval.mitre.org/XMLSchema/oval-definitions-5">
<check-content-ref name="oval:com.vmware.test.linux:def:3" href="file_test_content-oval.xml"/>
</check>
</rule-result>
<rule-result idref="xccdf_com.vmware.linux_rule_test-def-2" time="2016-08-17T13:38:29" weight="1.000000">
<result>pass</result>
<check system="http://oval.mitre.org/XMLSchema/oval-definitions-5">
<check-content-ref name="oval:com.vmware.test.linux:def:2" href="file_test_content-oval.xml"/>
</check>
</rule-result>
<rule-result idref="xccdf_com.vmware.linux_rule_test-def-1" time="2016-08-17T13:38:29" weight="1.000000">
<result>pass</result>
<check system="http://oval.mitre.org/XMLSchema/oval-definitions-5">
<check-content-ref name="oval:com.vmware.test.linux:def:1" href="file_test_content-oval.xml"/>
</check>
</rule-result>
<score system="urn:xccdf:scoring:default" maximum="100.000000">100.000000</score>
</TestResult>
</Benchmark>
请注意,群组和个人资料元素是可选。有效的示例xml 也可以是以下内容:
<?xml version="1.0" encoding="UTF-8"?>
<Benchmark xmlns="http://checklists.nist.gov/xccdf/1.2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" id="xccdf_com.vmware.linux_benchmark_file-test" resolved="1" xml:lang="en-US">
<status date="2015-09-20">draft</status>
<title xmlns:xhtml="http://www.w3.org/1999/xhtml" xml:lang="en-US">Test content for file_test probe</title>
<description xmlns:xhtml="http://www.w3.org/1999/xhtml" xml:lang="en-US">File content for OVAL file file_test_content-oval.xml built on 2015-09-20T02:13:56</description>
<platform idref="cpe:/o:sles11:linux"/>
<version>v0.0</version>
<model system="urn:xccdf:scoring:default"/>
<Rule id="xccdf_com.vmware.linux_rule_test-def-3" selected="true" weight="1.000000" role="full" severity="unknown">
<title xmlns:xhtml="http://www.w3.org/1999/xhtml" xml:lang="en-US">Rule 3 - /etc/passwd file is group-owned by root</title>
<description xmlns:xhtml="http://www.w3.org/1999/xhtml" xml:lang="en-US">This rule verifies that /etc/passwd file is group-owned by root.</description>
<check system="http://oval.mitre.org/XMLSchema/oval-definitions-5">
<check-content-ref name="oval:com.vmware.test.linux:def:3" href="file_test_content-oval.xml"/>
</check>
</Rule>
<Rule id="xccdf_com.vmware.linux_rule_test-def-2" selected="true">
<title xmlns:xhtml="http://www.w3.org/1999/xhtml" xml:lang="en-US">Rule 2 - /etc/passwd file is owned by root</title>
<description xmlns:xhtml="http://www.w3.org/1999/xhtml" xml:lang="en-US">This rule verifies that /etc/passwd file is owned by root.</description>
<check system="http://oval.mitre.org/XMLSchema/oval-definitions-5">
<check-content-ref name="oval:com.vmware.test.linux:def:2" href="file_test_content-oval.xml"/>
</check>
</Rule>
<Rule id="xccdf_com.vmware.linux_rule_test-def-1" selected="true">
<title xmlns:xhtml="http://www.w3.org/1999/xhtml" xml:lang="en-US">Rule 1 - /etc/passwd file has permissions of 644 or more restrictive</title>
<description xmlns:xhtml="http://www.w3.org/1999/xhtml" xml:lang="en-US">This rule verifies that /etc/passwd file has permissions of 644 or more restrictive.</description>
<check system="http://oval.mitre.org/XMLSchema/oval-definitions-5">
<check-content-ref name="oval:com.vmware.test.linux:def:1" href="file_test_content-oval.xml"/>
</check>
</Rule>
<TestResult id="xccdf_org.open-scap_testresult_default-profile" start-time="2016-08-17T19:18:42" end-time="2016-08-17T19:18:42" version="v0.0">
<benchmark href="/tmp/tmp.nMXPWBmAJO/input.xml" id="xccdf_com.vmware.linux_benchmark_file-test"/>
<title>OSCAP Scan Result</title>
<identity authenticated="false" privileged="false"/>
<target>vRealizeClusterNode</target>
<target-address>127.0.0.1</target-address>
<target-address>127.0.0.2</target-address>
<target-address>10.112.56.132</target-address>
<target-address>0:0:0:0:0:0:0:1</target-address>
<target-address>fe80:0:0:0:250:56ff:fe93:21b6</target-address>
<target-facts>
<fact name="urn:xccdf:fact:scanner:name" type="string">OpenSCAP</fact>
<fact name="urn:xccdf:fact:scanner:version" type="string">1.2.5</fact>
<fact name="urn:xccdf:fact:ethernet:MAC" type="string">00:00:00:00:00:00</fact>
<fact name="urn:xccdf:fact:ethernet:MAC" type="string">00:00:00:00:00:00</fact>
<fact name="urn:xccdf:fact:ethernet:MAC" type="string">00:50:56:93:21:B6</fact>
<fact name="urn:xccdf:fact:ethernet:MAC" type="string">00:00:00:00:00:00</fact>
<fact name="urn:xccdf:fact:ethernet:MAC" type="string">00:50:56:93:21:B6</fact>
</target-facts>
<platform idref="cpe:/o:sles11:linux"/>
<rule-result idref="xccdf_com.vmware.linux_rule_test-def-3" role="full" time="2016-08-17T19:18:42" severity="unknown" weight="1.000000">
<result>pass</result>
<check system="http://oval.mitre.org/XMLSchema/oval-definitions-5">
<check-content-ref name="oval:com.vmware.test.linux:def:3" href="file_test_content-oval.xml"/>
</check>
</rule-result>
<rule-result idref="xccdf_com.vmware.linux_rule_test-def-2" time="2016-08-17T19:18:42" weight="1.000000">
<result>pass</result>
<check system="http://oval.mitre.org/XMLSchema/oval-definitions-5">
<check-content-ref name="oval:com.vmware.test.linux:def:2" href="file_test_content-oval.xml"/>
</check>
</rule-result>
<rule-result idref="xccdf_com.vmware.linux_rule_test-def-1" time="2016-08-17T19:18:42" weight="1.000000">
<result>pass</result>
<check system="http://oval.mitre.org/XMLSchema/oval-definitions-5">
<check-content-ref name="oval:com.vmware.test.linux:def:1" href="file_test_content-oval.xml"/>
</check>
</rule-result>
<score system="urn:xccdf:scoring:default" maximum="100.000000">100.000000</score>
</TestResult>
</Benchmark>
我有兴趣从以上可能的xmls中选择idref以及相应的title和result。
输出可以是由\n分隔的纯文本。
我写了如下XSL:
<?xml version="1.0" encoding="UTF-8"?>
<xsl:stylesheet version="1.0"
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:cdf="http://checklists.nist.gov/xccdf/1.2"
xmlns:exsl="http://exslt.org/common"
xmlns:db="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns="http://docbook.org/ns/docbook"
xmlns:s="http://open-scap.org/"
exclude-result-prefixes="xsl cdf db s exsl"
xmlns:ovalres="http://oval.mitre.org/XMLSchema/oval-results-5"
xmlns:sceres="http://open-scap.org/page/SCE_result_file"
>
<xsl:output method="text" encoding="utf-8" />
<xsl:key name="result" match="cdf:rule-result" use="@idref" />
<xsl:template match="/cdf:TestResult">
<xsl:for-each select="cdf:rule-result">
<xsl:value-of select="@idref" />
<xsl:text>
</xsl:text>
<xsl:value-of select="cdf:title"/>
<xsl:text>
</xsl:text>
<xsl:value-of select="key('result', @idref)/result"/>
<xsl:text>
</xsl:text>
</xsl:for-each>
</xsl:template>
</xsl:stylesheet>
但是,这不会产生所需的输出吗?我在这里做错了什么?
请帮忙。
答案 0 :(得分:2)
您有几个问题:
TestResult不是根元素,因此您的模板:
<xsl:template match="/cdf:TestResult">
。你看到的输出完全是由 built-in template rules
TestResult没有title孩子,所以你的指示:
<xsl:value-of select="cdf:title"/>
不会返回任何内容。
当你这样做时:
<xsl:for-each select="cdf:rule-result">
您已经处于rule-result的上下文中,因此您使用密钥毫无意义。而您忘记在cdf:上添加result前缀。
根据您之前的问题,我认为您希望浏览Rule下的Group个节点,并从那里获取链接的rule-result,而不是过rule-result } nodes:
XSLT 1.0
<xsl:stylesheet version="1.0"
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:cdf="http://checklists.nist.gov/xccdf/1.2">
<xsl:output method="text" encoding="utf-8" />
<xsl:key name="result" match="cdf:rule-result" use="@idref" />
<xsl:template match="/cdf:Benchmark">
<xsl:for-each select="cdf:Group/cdf:Rule">
<xsl:value-of select="@id" />
<xsl:text>
</xsl:text>
<xsl:value-of select="cdf:title"/>
<xsl:text>
</xsl:text>
<xsl:value-of select="key('result', @id)/cdf:result"/>
<xsl:text>
</xsl:text>
</xsl:for-each>
</xsl:template>
</xsl:stylesheet>
应用于您的输入示例,结果将是:
xccdf_com.vmware.linux_rule_test-def-3
Rule 3 - /etc/passwd file is group-owned by root
pass
xccdf_com.vmware.linux_rule_test-def-2
Rule 2 - /etc/passwd file is owned by root
pass
xccdf_com.vmware.linux_rule_test-def-1
Rule 1 - /etc/passwd file has permissions of 644 or more restrictive
pass
答案 1 :(得分:0)
首先,要过滤结果,只需匹配根节点并仅应用所需的节点。比如
<xsl:template match="/">
<xsl:apply-templates select="cdf:Benchmark/cdf:TestResult"/>
</xsl:template>
其次,您需要了解xpath轴(向前和向后)。 cdf:title是上下文节点(cdf:rule-result)的前任兄弟。第三,你不需要键来获取cdf:result,只需直接选择它,因此:
<xsl:template match="cdf:TestResult">
<xsl:for-each select="cdf:rule-result">
<xsl:value-of select="@idref" />
<xsl:text>
</xsl:text>
<xsl:value-of select="preceding-sibling::cdf:title"/>
<xsl:text>
</xsl:text>
<xsl:value-of select="cdf:result"/>
<xsl:text>
</xsl:text>
</xsl:for-each>
</xsl:template>
和整个样式表:
<?xml version="1.0" encoding="UTF-8"?>
<xsl:stylesheet version="1.0"
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:cdf="http://checklists.nist.gov/xccdf/1.2"
xmlns:exsl="http://exslt.org/common"
xmlns:db="http://docbook.org/ns/docbook"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns="http://docbook.org/ns/docbook"
xmlns:s="http://open-scap.org/"
exclude-result-prefixes="xsl cdf db s exsl"
xmlns:ovalres="http://oval.mitre.org/XMLSchema/oval-results-5"
xmlns:sceres="http://open-scap.org/page/SCE_result_file"
>
<xsl:output method="text" encoding="utf-8" />
<xsl:template match="/">
<xsl:apply-templates select="cdf:Benchmark/cdf:TestResult"/>
</xsl:template>
<xsl:template match="cdf:TestResult">
<xsl:for-each select="cdf:rule-result">
<xsl:value-of select="@idref" />
<xsl:text>
</xsl:text>
<xsl:value-of select="preceding-sibling::cdf:title"/>
<xsl:text>
</xsl:text>
<xsl:value-of select="cdf:result"/>
<xsl:text>
</xsl:text>
</xsl:for-each>
</xsl:template>
</xsl:stylesheet>
输出:
xccdf_com.vmware.linux_rule_test-def-3
OSCAP Scan Result
pass
xccdf_com.vmware.linux_rule_test-def-2
OSCAP Scan Result
pass
xccdf_com.vmware.linux_rule_test-def-1
OSCAP Scan Result
pass