sec:create-user( $user-name as xs:string, $description as xs:string?, $password as xs:string, $role-names as xs:string*, $permissions as element(sec:permission)*, $collections as xs:string*, [$external-names as xs:string*], [$queries as map:map] ) as xs:unsignedLong
Creates a new user in the system database for the context database. Returns the user ID of the created user.
http://marklogic.com/xdmp/privileges/create-user
or create-data-user
http://marklogic.com/xdmp/privileges/grant-all-roles
orhttp://marklogic.com/xdmp/privileges/grant-my-roles
http://marklogic.com/xdmp/privileges/user-set-queries
This function must be executed against the security database.
(: execute this against the security database :) xquery version "1.0-ml"; import module namespace sec="http://marklogic.com/xdmp/security" at "/MarkLogic/security.xqy"; sec:create-user( "Jim", "Jim the temp", "newtemp", "Temporary", (xdmp:permission("security", "read")), ("http://marklogic.com/dev_modules")) (: Creates a new user, named "Jim," with the role, "Temporary." "Jim" is assigned the default permission, security(read), and the default collection, "http://marklogic.com/dev_modules". :)
(: execute this against the security database :) xquery version "1.0-ml"; import module namespace sec="http://marklogic.com/xdmp/security" at "/MarkLogic/security.xqy"; sec:create-user( "Mike", "Mike the contractor", "password", "can-read", (), (), (), map:map()=>map:with( "read", cts:element-query(xs:QName("metadata"), cts:element-word-query(xs:QName("group"), "group-all"))) ) (: Creates a new user, named "Mike", and with the role "can-read". "Mike" has user queries which allows him to read only the documents with "group-all" in the metadata. :)