sec.userSetRoles

sec.userSetRoles(
   user-name as String,
   role-names as String[]
) as null

Summary

Assigns the user with name $user-name to have the roles identified by $role-names. Removes previously assigned roles.

If a user with name equal to $user-name is not found, an error is returned.

If a role name in $role-names does not correspond to an existing role, an error is returned.

If $role-names is the empty sequence, all existing roles for the user are removed.

If the current user is limited to granting only his/her roles, and $role-names is not a subset of the current user's roles or one of the removed roles is not a subset of the current user's roles, then an error is returned.

Parameters
user-name The name of a user.
role-names A sequence of role names.

Required Privileges

http://marklogic.com/xdmp/privileges/user-set-roles
and for role assignment ($role-names not empty sequence):
http://marklogic.com/xdmp/privileges/grant-all-roles or
http://marklogic.com/xdmp/privileges/grant-my-roles

Usage Notes

This function must be executed against the security database.

Example


declareUpdate();
 
const sec = require('/MarkLogic/security.xqy');
   
sec.userSetRoles("Jim", ("Developer", "Temporary"))

//  Resets the roles for "Jim" to "Developer" and "Temporary.   
  
Powered by MarkLogic Server | Terms of Use | Privacy Policy