On Wed, 02 Dec 2015 11:31:58 -0800, Katherine Ford <[email protected]> wrote:
> I have a CPF domain that includes some documents inserted via XCC. XCC > uses > credentials for a limited user, and the XCC request calls an amped > function to > insert the documents. When the documents are inserted, > cpf/triggers/on-create.xqy > is triggered, and fails (SEC-PERMDENIED), because it is evaluated as the > limited > user without the privileges to change the documents’ properties. > > > Is there a safe way to amp the functions in cpf.xqy that set document > properties, > or some other workaround for when the user who loads a document only has > the > privileges to modify the document temporarily? Any ideas? > > > -Katherine You should give your limited user the pipeline-execution role - this already has a bunch of amps for various privileged operations CPF uses. If there are other functions that you need to amp, I would amp them to that role. //Mary _______________________________________________ General mailing list [email protected] Manage your subscription at: http://developer.marklogic.com/mailman/listinfo/general
