Here's a script that creates an xray role: https://gist.github.com/robwhitby/d331f3aae381dc296c06#file-create-xray-role-xqy
________________________________________ From: [email protected] [[email protected]] on behalf of Harry Bakken [[email protected]] Sent: 17 December 2014 18:57 To: MarkLogic Developer Discussion Subject: Re: [MarkLogic Dev General] xray test framework and security problem Are you certain that the role you created is assigned to the user that is executing the code? Usually when I see something like this, I have the application running as "user a" but assigned my role to "user b." On Wed, Dec 17, 2014 at 12:26 PM, Christine Schwartz <[email protected]<mailto:[email protected]>> wrote: Hi, Our developer is trying out xray, the XQuery test framework, and I've run into a security problem. According to the documentation the user needs a role with several execute privileges: xdmp:eval, xdmp:filesystem-directory, xdmp:filesystem-file, xdmp:invoke, xdmp:xslt-invoke. Our code is not in the modules db. So, I've create a new role with these privileges and assigned that role to the user, no problem. But we keep getting the same error message: 500 Internal Server Error SEC-PRIV: xdmp:filesystem-directory("Apps/theocom-maggie/app/test") -- Need privilege: http://marklogic.com/xdmp/privileges/xdmp-filesystem-directory in /xray/src/modules-filesystem.xqy, at 42:19, in filesystem-directory-exists("Apps/theocom-maggie/app/test") [1.0-ml] $dir = "Apps/theocom-maggie/app/test" in /xray/src/modules-filesystem.xqy, at 16:8, in modules-fs:get-modules("test", "") [1.0-ml] $test-dir = "test" $pattern = "" $test-dir = "test" $fs-dir = "Apps/theocom-maggie/app/test" in /xray/src/modules.xqy, at 22:9, in modules:get-modules("test", "") [1.0-ml] $test-dir = "test" $pattern = "" in /xray/src/xray.xqy, at 17:32, in xray:run-tests("test", (), (), "html") [1.0-ml] $test-dir = "test" $module-pattern = () $test-pattern = () $format = "html" in /xray/, at 18:0 [1.0-ml] Any ideas where I'm going wrong? Thanks, Chris Christine Schwartz Metadata Librarian and XML Database Administrator Princeton Theological Seminary Library _______________________________________________ General mailing list [email protected]<mailto:[email protected]> http://developer.marklogic.com/mailman/listinfo/general _______________________________________________ General mailing list [email protected] http://developer.marklogic.com/mailman/listinfo/general
