Hi Danny, Respectfully, you are taking the wrong approach. Instead of thinking about what your "developer" role can't do, you should instead be thinking about what it can do. Permissions in MarkLogic are a "white list" rather than a "black list". In other words, you start with nothing and have to pick which permissions to allow opposed to starting with everything and picking which permissions to deny.
Make a list of the things you want your role to be able to do and then work on implementing those one by one. Want your developer role to be able to read all of the data in the database? Then assign to it all of the roles that read capabilities may possibly be bound to. Want your developer role to be able to view but not edit configuration information? Then you may want to assign the "manage-user" role. Nearly every granular aspect of MarkLogic is bound to an execute permission or associated with a role that restricts access to it. Your problem is simply a matter of picking the right permissions and roles to assign to your "developer" role. I am happy to help you try to figure out how to grant access to the actions that you want your role to be able to perform. Best, Rob Rob Szkutak Senior Consultant MarkLogic Corporation rob.szku...@marklogic.com www.marklogic.com<http://www.marklogic.com> ________________________________ From: general-boun...@developer.marklogic.com [general-boun...@developer.marklogic.com] on behalf of Danny Sinang [d.sin...@gmail.com] Sent: Monday, August 29, 2016 5:01 PM To: general Subject: [MarkLogic Dev General] Developer Role Hi, I'd like to create a developer role in MarkLogic that can do everything that the admin role can do except : 1. Start, shutdown, restart the cluster 2. Create, update and delete databases 3. Create, update and delete forests 4. Create, update and delete app services 5. Create, update and delete scheduled tasks 6. Create, update and delete users, roles, privileges Any suggestions on how I can go about creating this role (if possible) ? Regards, Danny
_______________________________________________ General mailing list General@developer.marklogic.com Manage your subscription at: http://developer.marklogic.com/mailman/listinfo/general
