sec:amp-add-roles( $namespace as xs:string, $local-name as xs:string, $document-uri as xs:string, $database as xs:unsignedLong, $role-names as xs:string* ) as empty-sequence()
Adds the roles ($role-names) to the list of roles granted to the amp ($namespace, $local-name, $document-uri).
http://marklogic.com/xdmp/privileges/amp-add-roles
http://marklogic.com/xdmp/privileges/grant-all-roles
orhttp://marklogic.com/xdmp/privileges/grant-my-roles
If an amp with the given identifiers ($namespace, $local-name, $document-uri) is not found, an error is returned.
If one of $role-names does not correspond to an existing role, an error is returned.
If the current user is limited to granting only his/her roles, and $role is not a subset of the current user's roles, then an error is returned.
This function must be executed against the security database.
(: execute this against the security database :) xquery version "1.0-ml"; import module namespace sec="http://marklogic.com/xdmp/security" at "/MarkLogic/security.xqy"; sec:amp-add-roles( "http://marklogic.com/my_modules/myspace", "my-amp", "/MarkLogic/MyModule.xqy", 0, "Contractor") (: Adds the "Contractor" role to the list of roles granted to the "my-amp" amp. :)