Hi Tim, Why don't you want to create an amp for this? I suspect any solution you come up with will require privileged operations, and will need an amp. This is what amps are for: to allow a privileged operation in the context of your application, where you the application developer knows it is safe for people to use this privilege in this context.
-Danny -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Tim Finney Sent: Tuesday, September 06, 2011 1:19 PM To: [email protected] Subject: [MarkLogic Dev General] Simple way to decide if a user has a role Hi Everyone, Is there a simple way to determine whether a user has a particular role name? I would like to have a function that I give a role name and which returns true if the current user has the role and false otherwise. I want this function so that I can make a user interface change available options depending on the current user's roles. I would like the function to work even if the current user doesn't have the xdmp-user-roles privilege. I would prefer not to have to create an amped function to do this. My current hack looks like this: declare function s:user-has-role( $role as xs:string ) as xs:boolean { try { xdmp:role($role) = xdmp:user-roles(xdmp:get-current-user()) } catch ($e) { fn:false() } }; This works fine if the current user has the xdmp-user-roles privilege. However, if the user doesn't have this privilege then the function always returns false regardless of whether the user has the specified role name. Best, Tim Finney _______________________________________________ General mailing list [email protected] http://developer.marklogic.com/mailman/listinfo/general _______________________________________________ General mailing list [email protected] http://developer.marklogic.com/mailman/listinfo/general
