Loading TOC...


   model as Object
) as Node


This function is deprecated and will not be supported in MarkLogic 11.
Generate an Element Level Security configuration artifact for controlling access to entity properties designated as PII in the model.

model A valid basic model.

Usage Notes

The security configuration artifact generated by this function can be used with the Configuration Management API (v3 or later) to define Element Level Security (ELS) protected paths for each entity property designated as PII in the model. The configuration grants read access only to users with the "pii-reader" role. This role is pre-defined by MarkLogic. You must deploy the resulting configuration before your PII access controls can take effect.

See Also


const es = require('/MarkLogic/entity-services/entity-services');

es.piiGenerate( es.modelValidate(
  { info: {
    title: 'People',
    description: 'People Example',
    version: '4.0.0'
  definitions: {
    Person: {
      properties: {
        id: { datatype: 'int' },
        name: { datatype: 'string' },
        bio: { datatype: 'string' },
        rating: { datatype: 'float' }
      required: ['name'],
      primaryKey: 'id',
      pii: ['name', 'bio']

// Returns the following ELS configuration artifact:
// {"name":"People-4.0.0", 
//   "desc":"A policy that secures name,bio of type Person", 
//   "config":{
//     "protected-path":[
//       {"path-expression":"/envelope//instance//Person/name", 
//        "path-namespace":[], 
//        "permission":{"role-name":"pii-reader", "capability":"read"}}, 
//       {"path-expression":"/envelope//instance//Person/bio", 
//        "path-namespace":[], 
//        "permission":{"role-name":"pii-reader", "capability":"read"}}
//     ], 
//     "query-roleset":{"role-name":["pii-reader"]}
//   }
// }

Stack Overflow iconStack Overflow: Get the most useful answers to questions from the MarkLogic community, or ask your own question.