sec.privilegeSetRoles( action as String, kind as String, role-names as String[] ) as null
Assigns the privilege ($action,$kind) to have the roles identified by
$role-names. Removes the prviously assigned roles.
If a privilege identified by ($action,$kind) is not found, an error is
returned.
If a role name in $role-names does not correspond to an existing role,
an error is returned.
If $role-names is the empty sequence, all existing roles for the privilege
are removed.
If the current user is limited to granting only his/her roles,
and $role-names is not a subset of the current user's roles, then an error
is returned.
http://marklogic.com/xdmp/privileges/privilege-set-roles
http://marklogic.com/xdmp/privileges/grant-all-roles
orhttp://marklogic.com/xdmp/privileges/grant-my-roles
This function must be executed against the security database.
// execute this against the security database declareUpdate(); const sec = require('/MarkLogic/security.xqy'); sec.privilegeSetRoles( "http://marklogic.com/xdmp/privileges/mypriv", "execute", "Contractor") // Assigns the privilege with the specified action to the "Contractor" role. The privilege is removed from any other roles that had previously been assigned the privilege.