MarkLogic 10 Product Documentation
sec.privilegeAddRoles

sec.privilegeAddRoles(
   action as String,
   kind as String,
   role-names as String[]
) as null

Summary

Adds the roles ($role-names) to the list of roles assigned to the privilege ($action,$kind).

If a privilege identified by ($action,$kind) is not found, an error is returned.

If one of $role-names does not correspond to an existing role, an error is returned.

If the current user is limited to granting only his/her roles, and $role is not a subset of the current user's roles, then an error is returned.

Parameters
action	The action URI for the privilege. If $kind is a URI privilege, then use the URI to protect for the action parameter.
kind	Either "execute" or "uri".
role-names	Additional roles for the privilege. If $role-names is the empty sequence, the function has no effect.

Required Privileges

http://marklogic.com/xdmp/privileges/privilege-add-roles
and for role assignment: http://marklogic.com/xdmp/privileges/grant-all-roles or
http://marklogic.com/xdmp/privileges/grant-my-roles

Usage Notes

This function must be executed against the security database.

Example


// execute this against the security database

declareUpdate();  
const sec = require('/MarkLogic/security.xqy');

sec.privilegeAddRoles(
    "http://marklogic.com/xdmp/privileges/unprotected-collections",
    "execute",
    ["Temporary"])
   
// Adds the unprotected-collection execute privilege to the Temporary role.

Stack Overflow: Get the most useful answers to questions from the MarkLogic community, or ask your own question.

MarkLogic 10 Product Documentationsec.privilegeAddRoles

Summary

Required Privileges

Usage Notes

Example

MarkLogic 10 Product Documentation
sec.privilegeAddRoles