Thanks again, I am new to Mark Logic and just responsible for DBA functions. At this point I am using only admin consol or xqy script. I have 2 roles digital-read(no inherited roles) and digital-write(any-uri,any-collection), them I created 2 users digitalread and digitalwrite and use the default permission (role name capability) Digitalread - read Digitalwrite -execute Digitalwrite -update Digitalwrite -insert
Then I still need to set privileges on the document level. That is why I am running the xqy xdmp:document-set-permissions Galina From: [email protected] [mailto:[email protected]] On Behalf Of Tim Meagher Sent: Thursday, February 26, 2009 2:45 PM To: 'General Mark Logic Developer Discussion' Subject: [MarkLogic Dev General] Applying role/user pairs to documents when they are originally loaded using default permissions FYI - I have an XCC application that loads the documents. I set the default permissions for the XCC.net login user (whose default permissions get applied to each document that gets loaded) in the Security/Users tab with role/permission pairs for the 4 basic document access permissions: default permissions -- The default set of permissions used in document creation. role name (capability) [Keep] [X] executor (execute) [X] inserter (insert) [X] reader (read) [X] updater (update) These roles get applied to each document so that if I want to create any new roles that have any combination of the basic role permissions, I can do so without having to update the permissions for each document. This approach is pretty simple if I want a user who is part of the reader role to be able to read all the documents in the database, but I'm not sure this is the best approach for applying different permissions to groups of documents in the database. The good news is that I don't have to recreate read/insert/update/execute permissions for any documents that have been loaded. Tim Meagher ________________________________ From: [email protected] [mailto:[email protected]] On Behalf Of Pritsker, Galina Sent: Thursday, February 26, 2009 2:00 PM To: '[email protected]' Subject: [MarkLogic Dev General] Permission problem I have about 60000 documents on Mark Logic database. I would like to set up permission for read and write users In order to do that I am running the following script : for $i in cts:uris() [0 to 60000] return xdmp:document-set-permissions($i, (xdmp:permission("digital-read","read"), xdmp:permission("digital-write","insert"), xdmp:permission("digital-write","update"), xdmp:permission("digital-write","read") )) I could not process all documents because getting the following error: XDMP-EXTIME: Time limit exceeded. So I ran Xquery with small range from 1 to 10000 and so on, but when I login with user who has read or write privileges there are only 29654 documents that they can access What did I do wrong? Thanks, Galina
_______________________________________________ General mailing list [email protected] http://xqzone.com/mailman/listinfo/general
