Creating a Role
To create a role, follow these steps:
Click the Security icon in the left tree menu.
Click the Roles icon.
Click the Create tab. The Role Configuration page appears:
Type in a name for the role in the Role Name field.
Type in a description for the role (optional).
If you want to place the role into the named compartment, enter name of the compartment in the Compartment field. If a document has any permissions (role/capability pairs) with roles that have a compartment, then the user must have those roles with each of the compartments (regardless of which permission they are in) to perform any of the capabilities.
If the role is to be mapped to an LDAP group, enter one or more group names in the External Names section. For details on external authorization, see the External Security in Securing MarkLogic Server.
Under the Roles section, select the roles from which this role will inherit.
Under the Execute Privileges section, select from the available execute privileges to be associated with the role.
Under the URI privileges section, select from the available URI privileges to be associated with the role.
Create default permissions for this role (optional). Select a role and pair the role with the appropriate capability (read, insert, update). If there are more than 3 default permissions you want to add for this role, you can do so on the next screen after you click OK.
Create default collections for this role (optional). Type in the collection URI for each collection you want to add to the role’s default collections. If there are more than 3 default permissions you want to add for this user, you can do so on the next screen after you click OK.
Click OK.
The role is now added to the system and the Role Configuration page appears. If you want to add more default permissions or collections to the role, scroll down to the section for default permissions or collections.