Protecting XQuery and JavaScript Functions with Privileges
Execute privileges provide authorization control for executing XQuery and JavaScript functions. MarkLogic Server provides three ways to protect XQuery functions:
Built-in execute privileges, created by MarkLogic Server, control access to protected functions such as
xdmp:document-load().Custom execute privileges, which you create using the Admin Interface or the security function in the
security.xqymodule, control access to functions you write.Amps, which temporarily amplify a user’s authority by granting the authority to execute a single, specific function. You can only amp a function in a library module that is stored in the MarkLogic Server modules database.
This section describes how to use these protections.