es:pii-generate( $model as map:map ) as document-node()
This function is deprecated and will be removed in a future release.
Generate an Element Level Security configuration artifact for controlling
access to entity properties designated as PII in the model.
Parameters | |
---|---|
model | A valid basic model. |
xquery version "1.0-ml"; import module namespace es = "http://marklogic.com/entity-services" at "/MarkLogic/entity-services/entity-services.xqy"; let $model-desc := <es:model xmlns:es="http://marklogic.com/entity-services"> <es:info> <es:title>People</es:title> <es:description>People Example</es:description> <es:version>4.0.0</es:version> </es:info> <es:definitions> <Person> <es:properties> <id><es:datatype>int</es:datatype></id> <name><es:datatype>string</es:datatype></name> <bio><es:datatype>string</es:datatype></bio> <rating><es:datatype>float</es:datatype></rating> </es:properties> <es:required>name</es:required> <es:primary-key>id</es:primary-key> <es:pii>name</es:pii> <es:pii>bio</es:pii> </Person> </es:definitions> </es:model> return es:pii-generate( es:model-from-xml($model-desc) ) (: Returns the following ELS configuration artifact: : : {"name":"People-4.0.0", : "desc":"A policy that secures name,bio of type Person", : "config":{ : "protected-path":[ : {"path-expression":"/envelope//instance//Person/name", : "path-namespace":[], : "permission":{"role-name":"pii-reader", "capability":"read"}}, : {"path-expression":"/envelope//instance//Person/bio", : "path-namespace":[], : "permission":{"role-name":"pii-reader", "capability":"read"}} : ], : "query-roleset":{"role-name":["pii-reader"]} : } : } :)