sec.ampSetRoles( namespace as String, local-name as String, document-uri as String, database as (Number|String), role-names as String[] ) as null
Assigns the amp identified by $namespace, $local-name and $document-uri
to have the roles identified by $roles-names. Removes previously
assigned roles.
If an amp with the given identifiers does not exist, an error is
returned.
If a role name in $role-names does not correspond to an existing role,
an error is returned.
If $role-names is the empty sequence, all roles assigned to the amp are
removed.
If the current user is limited to granting only his/her roles,
and $role-names is not a subset of the current user's roles, then an
error is returned.
http://marklogic.com/xdmp/privileges/amp-set-roles
http://marklogic.com/xdmp/privileges/grant-all-roles
orhttp://marklogic.com/xdmp/privileges/grant-my-roles
This function must be executed against the security database.
// execute this against the security database declareUpdate(); const sec = require('/MarkLogic/security.xqy'); sec.ampSetRoles( "http://marklogic.com/my_modules/myspace", "my-amp", "/MarkLogic/MyModule.xqy", 0, ["Developer", "Temporary"]) // Sets the "Developer" and "Temporary" rolea as the roles granted to the "my-amp" amp. Any other roles previously in the list are removed.
Stack Overflow: Get the most useful answers to questions from the MarkLogic community, or ask your own question.