MarkLogic 10 Product Documentationsec.userRemoveRoles
sec.userRemoveRoles( user-name as String, role-names as String[] ) as null
Summary
Removes the roles ($role-names) from the list of roles granted to the user ($user-name).
If a user with name equal to $user-name is not found, an error is returned.
If one of $role-names does not correspond to an existing role, an error is returned.
If the current user is limited to granting only his/her roles, and one of $role-names is not a subset of the current user's roles, then an error is returned.
| Parameters | |
|---|---|
| user-name | The name of a user. |
| role-names | A sequence of role names. |
Required Privileges
http://marklogic.com/xdmp/privileges/remove-role-from-userand for role removal:
http://marklogic.com/xdmp/privileges/grant-all-roles orhttp://marklogic.com/xdmp/privileges/grant-my-roles
Usage Notes
This function must be executed against the security database.
Example
// execute this against the security database
declareUpdate();
const sec = require('/MarkLogic/security.xqy');
sec.userRemoveRoles("Jim", ("admin", "admin-builtins"))
// Removes the "admin" and "admin-builtins" roles from the user, "Jim."