Test It Out

Securing MarkLogic Server

Test It Out

The definitional queries on the roles will effectively treat documents as having permissions for that role. As a result, when Edna, Fred and Peter perform a search (read) against the database, they are able to read the following documents:

Document	Metadata	User with `read` Access
`/doc1.xml`	`region-NA`	Edna
`/doc2.xml`	`region-NA`	Edna
`/doc3.xml`	`region-EMEA`	Fred
`/doc4.xml`	`region-APAC`	Peter
`/doc5.xml`	`can-read` permission key	Edna, Fred, Peter
`/doc6.xml`	`can-read` permission key	Edna, Fred, Peter

In this section:

Securing MarkLogic Server

Test It Out

Search results