[MarkLogic Dev General] Resolving role IDs from a role ID
Michael Blakeley
michael.blakeley at marklogic.com
Thu Sep 20 08:00:52 PDT 2007
Jacob Meushaw wrote:
> I'm sure there is an easy solution to this. I'm trying to learn more
> about security. I've used xdmp:document-get-permission() to retrieve
> the persmissions assigned to a given document. The results of this
> query give me something like:
>
> <sec:permission>
> <sec:capability>update</sec:capability>
> <sec:role-id>1251346123451341</sec:role-id>
> </sec:permission>
>
> How do I figure out what the role name is that matches the role-id?
Have a look at sec:get-role-names()
http://developer.marklogic.com/pubs/3.2/apidocs/Securitysec.html#get-role-names
The API is bifurcated: there is a section of xdmp:* built-in security
functions, and a section of sec:* security library functions. The former
can be used from any database, while the latter must evaluate in the
Security database.
Depending on your needs, you might also want to read up on xdmp:invoke()
and xdmp:security-database().
-- Mike
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4532 bytes
Desc: S/MIME Cryptographic Signature
Url : http://xqzone.marklogic.com/pipermail/general/attachments/20070920/79326b56/smime.bin
More information about the General
mailing list