Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
MarkLogic: Get a list of all users and their associated permissions
xquery version "1.0-ml";
declare function local:get-security-users() {
xdmp:eval('xquery version "1.0-ml";
import module namespace sec="http://marklogic.com/xdmp/security" at "/MarkLogic/security.xqy";
declare function local:expand-role-roles($roles){
if(not(empty($roles)))
then(
element ul {attribute class {"parent-roles", $roles},
for $role in $roles
return element li {attribute class {count(sec:role-get-roles($role)), sec:role-get-roles($role) }, element span {attribute class {"glyphicon glyphicon-tower"}, " "}, " ", $role, local:expand-privileges($role), local:expand-role-roles(sec:role-get-roles($role)) }})
else()
};
declare function local:expand-roles($uname){
element ul {attribute class {"parent-user", $uname},
for $i in sec:user-get-roles($uname)
return (element li {attribute class {"role-name"}, element span {attribute class {"glyphicon glyphicon-tower"}, " "}, " ", $i}, local:expand-privileges($i), local:expand-role-roles(sec:role-get-roles($i)))
}
};
declare function local:expand-privileges($role){
element ul {attribute class {"privileges"},
for $i in sec:role-privileges($role)
return element li {text { xs:string($i/sec:privilege-name), "(", xs:string($i/sec:kind), ")" }}}
};
declare function local:get-users(){
for $user in cts:search(doc(), cts:element-query( fn:QName("http://marklogic.com/xdmp/security", "user"), cts:and-query(()) ) )
order by $user/sec:user/sec:user-name
return xs:string($user/sec:user/sec:user-name)};
element ul {attribute class {"top"},
for $i in local:get-users()
return (element li {attribute class {"user-name"}, element span {attribute class {"glyphicon glyphicon-user"}, " "}, " ", $i}, local:expand-roles($i))
}
',
(),
<options xmlns="xdmp:eval">
<database>{xdmp:security-database()}</database>
</options>)
};
local:get-security-users()
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.