Hi Girish, I wrote a module for discovering the privileges required by an XQuery function; you might find it useful in this case. You can find it here: https://github.com/joemfb/ml-privilege-discovery
Thanks. -jb From: Danny Sokolsky <[email protected]<mailto:[email protected]>> Reply-To: MarkLogic Developer Discussion <[email protected]<mailto:[email protected]>> Date: Friday, May 30, 2014 at 8:16 PM To: MarkLogic Developer Discussion <[email protected]<mailto:[email protected]>> Subject: Re: [MarkLogic Dev General] CPF Privileges Hi Girish, It all depends on what code your action is spawning. There is no special privileges needed to run cpf code, but all of the code in your cpf action will be run as the same user that calls the triggering event. So the way to figure out what privileges are needed is to call the action code outside of your cpf environment as the user you want to run, and start seeing what privileges are needed to run that code (it will throw exceptions for privileges that are needed). That is a place to start. -Danny From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Girish Kulkarni Sent: Friday, May 30, 2014 4:25 PM To: MarkLogic Developer Discussion Subject: [MarkLogic Dev General] CPF Privileges We have a role which is being used to make a cpf call. The CPF action contains a call to a webservice api and a REST api over http on the same Marklogic server. For some reason i am able to trigger the cpf process if i upload a document only when i assign the admin role to this new role. If i remove the admin role and just assign the following roles / Execute privileges..i see CPF execute errors in the Error log. Any clues on what are the missing roles / privileges for the cpf to execute app-user domain-management filesystem-access flexrep-user hadoop-user-read hadoop-user-write pipeline-execution pipeline-management rest-admin rest-reader rest-writer Thanks Girish Kulkarni
_______________________________________________ General mailing list [email protected] http://developer.marklogic.com/mailman/listinfo/general
