Loading TOC...

sec.protectPath

sec.protectPath(
   $path as String,
   $path-namespaces as element(sec.pathNamespace)[],
   $permissions as element(sec.permission)[],
   $path-set as String?
) as (Number|String)

Summary

This function protects the path specified, restricting the ability to view content based on the user's permissions. The function returns the unique ID of the protected path.

Parameters
$path The name of the path to be protected.
$path-namespaces The namespace(s) for the path to be protected.
$permissions The permissions assigned to the protected path.
$path-set The path set assigned to the protected path.

Required Privileges

http://marklogic.com/xdmp/privileges/protect-path

Usage Notes

This function must be executed against the Security database.

If the protected path has a path set, it can only have read permissions.

Compartmented-roles in protected paths from the same set should belong to the same compartment.

Example


 (: execute this against the Security database :)
declareUpdate();
const sec = require('/MarkLogic/security'); 
          
sec.protectPath("/root/bar[@baz=1]", [], [xdmp.permission("els-role-2", "read", "element")]);
sec.protectPath("test", [], [xdmp.permission("els-role-2", "read", "element")], "set1");
sec.protectPath("/root/reg[fn:matches(@expr, 'is')]", [], [xdmp.permission("els-role-2", "read", "element")])
    

Example


 (: execute this against the Security database :)
declareUpdate(); 
const sec = require('/MarkLogic/security');

sec.protectPath("/root/ml:bar[@baz=1]", [sec.securityPathNamespace("ml", "marklogic.com")],
  [xdmp.permission("els-role-2", "read", "element")])

(: adds a protected path for the element in the ml namespace :)
   

Stack Overflow iconStack Overflow: Get the most useful answers to questions from the MarkLogic community, or ask your own question.