Loading TOC...

xdmp:document-add-permissions

xdmp:document-add-permissions(
   $uri as xs:string,
   $permissions as element(sec:permission)*
) as empty-sequence()

Summary

Adds the given permissions to the given document or directory. The user must have update or insert permissions on the document.

Parameters
$uri The document URI.
$permissions Permission elements.

Example

xdmp:document-add-permissions(
    "/example.xml",
    (xdmp:permission("development", "update"),
     xdmp:permission("qa", "read")))

Stack Overflow iconStack Overflow: Get the most useful answers to questions from the MarkLogic community, or ask your own question.

Comments

The commenting feature on this page is enabled by a third party. Comments posted to this page are publicly visible.
  • Given the fact that we have more than 1000k documents in the database, currently I am using the below: xdmp:set-request-time-limit(3600); for $uri in cts:uris((), (), cts:directory-query("/","infinity")) return xdmp:document-add-permissions( $uri, ( xdmp:permission("app-reader", "read") ) ) Not sure if there is a better/efficient way to grant the permissions over all documents. Could you advise?
    • The code in your example is performing an update. And presuming that all URIs in your database begin with the slash character ("/") that means that you are going to be trying to update every document in the database in a single transaction. That won't scale well when your database is big. And I think that when you say you have 1000k documents in your database that equals 1000 * 1000 or 1 million. That is not a huge database but it is too big for this approach. Instead, you should use a tool designed for bulk updates, such as CoRB2: http://developer.marklogic.com/code/corb You can also learn more about CoRB2 in this free video tutorial: https://mlu.marklogic.com/ondemand/65ca4c93 The other coaching point I'd make is that in the future you can avoid having to update each document in your database with permissions if you think about your security model upfront and then set permissions on the documents when you ingest them for the first time. If you'd like to learn more about how to implement security in MarkLogic, I recommend you complete this series of tutorials: https://mlu.marklogic.com/ondemand/index.xqy?q=Series%3ASecurity And also take a look at the Security Guide in the documentation: http://docs.marklogic.com/guide/security