Yeah I'd say the problem is that you conceptually have two roles but technically only have one.
If users operate being able to read docs or be able to read and write docs, then you need two roles to support that. Change the permissions on the docs so that x-user can read but only x-admin can update. Changing 10 mil docs isn't too bad. Get the Uris you want to update using cts:Uris or something and the spawn the permission changing onto the task server. I just did this the other day with about 244000 docs and it took maybe 20 min Yours will be longer but spawning will just run in the background anyway. Sent from my iPhone On Aug 31, 2012, at 9:57 AM, "Danny Sinang" <d.sin...@gmail.com> wrote: > Hi Will, > > The default permissions are as follows : > > x-user : read > > x-user : insert > > x-user : update > > x-user : execute > > security : read > > secuirty : insert > > security : update > > > > > > > > > I haven't tried creating a role with x-admin : read as you are suggesting. > > I tried, last night, creating a role with x-user : read. But that didn't > work. Couldn't even read the data. > > Regards, > Danny > > On Fri, Aug 31, 2012 at 11:25 AM, Will Thompson <wthomp...@jonesmcclure.com> > wrote: > Danny, > > > > What default permissions, if any, are set on your documents? Have you tried > creating a role with only x-admin : read? > > > > -W > > > > > > From: general-boun...@developer.marklogic.com > [mailto:general-boun...@developer.marklogic.com] On Behalf Of Danny Sinang > Sent: Friday, August 31, 2012 6:57 AM > To: general > Subject: [MarkLogic Dev General] Creating user with read-only permission > > > > Hi, > > > > I need to create users with read-only permission over all our documents but, > from what I've read, it looks like I have to update the permissions on all > documents to do this. > > > > We've got around 10 million documents in ML and all of them were created > using a user called "x-admin-user" who is assigned the following roles : > > > > admin > > security > > dls-user > > dls-admin > > x-admin > > > > The x-admin role has the following default permissions : > > > > x-user : read > > x-user : insert > > x-user : update > > x-user : execute > > > > So far, the only way I can give my new users access to our data is to give > them the role of "x-user" but that gives them update privileges as well. > > > > Is there an easier way to grant read-only access ? > > > > Regards, > Danny > > > > > _______________________________________________ > General mailing list > General@developer.marklogic.com > http://developer.marklogic.com/mailman/listinfo/general > > > _______________________________________________ > General mailing list > General@developer.marklogic.com > http://developer.marklogic.com/mailman/listinfo/general
_______________________________________________ General mailing list General@developer.marklogic.com http://developer.marklogic.com/mailman/listinfo/general
_______________________________________________ General mailing list General@developer.marklogic.com http://developer.marklogic.com/mailman/listinfo/general
