Loading TOC...


   $role-name as xs:string,
   $description as xs:string?,
   $role-names as xs:string*,
   $permissions as element(sec:permission)*,
   $collections as xs:string*,
   [$compartment as xs:string?],
   [$external-names as xs:string*]
) as xs:unsignedLong


Creates a new role in the system database for the context database.

If $role-name is not unique, an error is returned.

If one of the $role-names does not identify a role, an error is returned.

If the current user is limited to granting only his/her roles, and $role-names is not a subset of the current user's roles, then an error is returned.

Returns the role-id.

$role-name The name of the role to be created.
$description A description of the role to be created.
$role-names A sequence of role names to which the role is assigned.
$permissions The default permissions for the role.
$collections The default collections for the role.
$compartment The compartment to assign to the role.
$external-names The external names for the role. Or an empty sequence, if no external names are used.

Required Privileges

and for role assignment:
http://marklogic.com/xdmp/privileges/grant-all-roles or

Usage Notes

This function must be executed against the security database.


xquery version "1.0-ml";
import module namespace sec="http://marklogic.com/xdmp/security" at 

    "Temporary worker access",
(: Creates a new role, named "Temporary," with the default collection, 
   named testDocument. :)  

Stack Overflow iconStack Overflow: Get the most useful answers to questions from the MarkLogic community, or ask your own question.