Implementing Security for a Read-Only User
In this scenario, assume that you want to implement a security model that enables your users to run any XQuery code stored in the modules database for a specific app server with read-only permissions on all documents in the database.
Reviewing the MarkLogic Server security model, recall that users do not have permissions, documents have permissions. And permissions are made up of a role paired with a capability. Additionally, execute privileges protect code execution and URI privileges protect the creation of documents in a specific URI namespace. This example shows one way to implement the read-only user and is divided into two parts.