Creating and Assigning Granular Privileges
To create a new granular privilege programmatically, use the following function of the XQuery API security module:
sec:create-privilege( $privilege-name as xs:string, $action as xs:string, $kind as xs:string, $role-names as xs:string* ) as xs:unsignedLong
To assign an existing granular privilege to an additional role, use the following function of the XQuery API security module:
sec:privilege-set-roles( $action as xs:string, $kind as xs:string, $role-names as xs:string* ) as empty-sequence()
For detailed descriptions of sec:create-privilege() and sec:privilege-set-roles() functions of the security.xqy library module, see the MarkLogic XQuery and XSLT Function Reference.