[MarkLogic Dev General] Simple way to decide if a user has a role
Geert Josten
geert.josten at daidalos.nl
Tue Sep 6 13:41:33 PDT 2011
Hi Tim,
I think the basic idea of your function is alright. But since you are only interested in the current-user's roles, you might want to use xdmp:get-current-roles in your comparison instead. I haven't checked, but I would expect this function not to depend on privileges..
Kind regards,
Geert
-----Oorspronkelijk bericht-----
Van: general-bounces at developer.marklogic.com [mailto:general-bounces at developer.marklogic.com] Namens Tim Finney
Verzonden: dinsdag 6 september 2011 22:19
Aan: general at developer.marklogic.com
Onderwerp: [MarkLogic Dev General] Simple way to decide if a user has a role
Hi Everyone,
Is there a simple way to determine whether a user has a particular role
name? I would like to have a function that I give a role name and which
returns true if the current user has the role and false otherwise. I
want this function so that I can make a user interface change available
options depending on the current user's roles.
I would like the function to work even if the current user doesn't have
the xdmp-user-roles privilege. I would prefer not to have to create an
amped function to do this.
My current hack looks like this:
declare function s:user-has-role(
$role as xs:string
) as xs:boolean {
try {
xdmp:role($role) = xdmp:user-roles(xdmp:get-current-user())
}
catch ($e) {
fn:false()
}
};
This works fine if the current user has the xdmp-user-roles privilege.
However, if the user doesn't have this privilege then the function
always returns false regardless of whether the user has the specified
role name.
Best,
Tim Finney
_______________________________________________
General mailing list
General at developer.marklogic.com
http://developer.marklogic.com/mailman/listinfo/general
More information about the General
mailing list