Loading TOC...

sec:create-user-with-role

sec:create-user-with-role(
   $user-name as xs:string,
   $description as xs:string?,
   $password as xs:string,
   $role-names as xs:string*,
   $permissions as element(sec:permission)*,
   $collections as xs:string*,
   $external-names as xs:string*
) as xs:unsignedLong

Summary

Creates a new user in the system database for the context database. Returns the user ID of the created user. Also creates a role by the same name and assigns the newly-created user to the newly-created role. Parameters that define roles, permissions, and collections are only applied to the new user.

Parameters
$user-name A unique username. If $user-name is not unique, an error is returned.
$description A description of the user.
$password The initial password for this user.
$role-names Additional roles (if any) assigned to this user. If one of the $role-names names a role that does not exist, an error is returned.
$permissions The default permissions granted to this user.
$collections The URIs for the default collections to which this user has access.
$external-names One or more external names used to match the user with one or more Distinguished Names in an LDAP server or User Principals in a Kerberos server.

Required Privileges

http://marklogic.com/xdmp/privileges/create-user
http://marklogic.com/xdmp/privileges/create-role
and, for role assignment:
http://marklogic.com/xdmp/privileges/grant-all-roles or
http://marklogic.com/xdmp/privileges/grant-my-roles

Usage Notes

This function must be executed against the security database.

Example


xquery version "1.0-ml";
import module namespace sec="http://marklogic.com/xdmp/security" at 
    "/MarkLogic/security.xqy";

sec:create-user-with-role(
    "Jim",
    "Jim the temp",
    "newtemp",
    "Temporary",
    (xdmp:permission("security", "read"),
     xdmp:permission("security", "update")),
    ("http://marklogic.com/dev_modules"))
 
(: Creates a new user, named Jim, with the roles, Jim and Temporary.  
   Jim is assigned the default permissions, security(read) and security(update),
   and the default collection, "http://marklogic.com/dev_modules". :)  
  

Stack Overflow iconStack Overflow: Get the most useful answers to questions from the MarkLogic community, or ask your own question.