Paxton Hare paxtonhare
jmakeig
/ catch-permdenied.xqy
Last active
August 17, 2016 12:45
Display roles and privileges when you get a permission denied error
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import module namespace sec="http://marklogic.com/xdmp/security" at "/MarkLogic/security.xqy"; | |
| (: Don’t use this in production. It leaks security information available to a user with elevated privileges, such as admin. :) | |
| try { | |
| (: … :) | |
| } catch($err) { | |
| if('SEC-PERMDENIED' = $err/error:code/data()) then | |
| xdmp:invoke-function( function() { | |
| for $role in xdmp:user-roles(xdmp:get-current-user()) (: Or a specific user, especially if you’re running as an elevated role :) |