sec:create-role( $role-name as xs:string, $description as xs:string?, $role-names as xs:string*, $permissions as element(sec:permission)*, $collections as xs:string*, [$compartment as xs:string?], [$external-names as xs:string*] ) as xs:unsignedLong
Creates a new role in the system database for the context
database.
If $role-name is not unique, an error is returned.
If one of the $role-names does not identify a role, an error
is returned.
If the current user is limited to granting only his/her roles,
and $role-names is not a subset of the current user's roles, then an
error is returned.
Returns the role-id.
http://marklogic.com/xdmp/privileges/create-role
http://marklogic.com/xdmp/privileges/grant-all-roles
orhttp://marklogic.com/xdmp/privileges/grant-my-roles
This function must be executed against the security database.
xquery version "1.0-ml"; import module namespace sec="http://marklogic.com/xdmp/security" at "/MarkLogic/security.xqy"; sec:create-role( "Temporary", "Temporary worker access", ("filesystem-access"), (), ("testDocument")) (: Creates a new role, named "Temporary," with the default collection, named testDocument. :)
Stack Overflow: Get the most useful answers to questions from the MarkLogic community, or ask your own question.