CreateRole

CreateRole( param_object )
CreateRole( param_object )
CreateRole( param_object )
CreateRole( param_object )
create_role( param_object )
CreateRole( param_object )

Description

CreateRole creates a new user-defined role with the specified param_object. This function requires an admin key for authentication.

The maximum number of overlapping roles is 64. When you attempt to create the 65th overlapping role, you get an error when calling CreateRole.

Parameters

Argument Type Definition and requirements

param_object

Object

The param_object fields are described below.

param_object

Field name Field type Definition and requirements

name

The role’s name.

privileges

membership

Optional. One or more membership configuration objects.

data

Optional - Contains user-defined metadata for the role. It is provided for the developer to store role-relevant information.

Returns

An object containing the metadata about the results of CreateRole operations.

Field name Field type Definition and requirements

ref

The reference is an automatically-generated, unique identifier within the database to the role that was created.

ts

The timestamp, with microsecond resolution, associated with the creation of the role.

name

The role’s name.

privileges

The role’s privileges configuration.

membership

The role’s membership configuration.

Examples

The following query creates a role that grants unrestricted read access to the spells collection:

client.Query(
  CreateRole(
    Obj(
      "name", "new-role",
      "privileges", Obj(
        "resource", Collection("spells"),
        "actions", Obj("read", true)
      )
    )
  )
);
{
  "ref": { "@ref": "roles/new-role" },
  "class": { "@ref": "roles" },
  "ts": 1509244540009619,
  "name": "new-role",
  "privileges": {
    "resource": { "@ref": "classes/spells" },
    "actions": { "read": true }
  }
}
curl https://db.fauna.com/ \
    -u fnAChGwBcAACAO70ziE0cfROosNJHdgBmJU1PgpL: \
    -d '{
      "create_role": {
        "object": {
          "name": "new-role",
          "privileges": {
            "object": {
              "resource": { "class": "spells" },
              "actions": { "object": { "read": true } }
            }
          }
        }
      }
    }'
HTTP/1.1 201 Created
{
  "ref": { "@ref": "roles/new-role" },
  "class": { "@ref": "roles" },
  "ts": 1509244540009619,
  "name": "new-role",
  "privileges": {
    "resource": { "@ref": "classes/spells" },
    "actions": { "read": true }
  }
}
result, _ := client.Query(
    f.CreateRole(
        f.Obj{
            "name": "new-role",
            "privileges": f.Obj{
                "resource": f.Collection("spells"),
                "actions": f.Obj{"read": true},
            },
        },
    ),
)
fmt.Println(result)
map[ref:{new-role 0xc4201ef8e0 <nil>} ts:1509244540009619 name:new-role privileges:map[resource:{spells 0xc4201efb40 <nil>} actions:map[read: true]]]
System.out.println(
    client.query(
        CreateRole(
            Obj(
                "name", Value("new-role"),
                "privileges", Obj(
                    "resource", Collection("spells"),
                    "actions", Obj("read", Value(true))
                )
            )
        )
    ).get());
{
  ref: ref(id = "new-role", collection = ref(id = "roles")),
  ts: 1526674566835735,
  name: "new-role",
  privileges: {
    resource: ref(id = "spells", collection = ref(id = "collections")),
    actions: { read: true }
  }
}
client.query(
  q.CreateRole({
    name: 'new-role',
    privileges: {
      resource: q.Collection('spells'),
      actions: { read: true },
    },
  })
)
.then((result) => console.log(result))
{
  ref: ref(id = "new-role", collection = ref(id = "roles")),
  ts: 1526674566835735,
  name: "new-role",
  privileges: {
    resource: ref(id = "spells", collection = ref(id = "collections")),
    actions: { read: true }
  }
}
client.query(
  q.create_role({
    "name": "new-role",
    "privileges": {
      "resource": q.collection("spells"),
      "actions": { "read": true }
    }
  })
)
{
  "ref": { "@ref": "roles/new-role" },
  "class": { "@ref": "roles" },
  "ts": 1509244540009619,
  "name": "new-role",
  "privileges": {
    "resource": { "@ref": "classes/spells" },
    "actions": { "read": true }
  }
}
client.query(
  CreateRole(
    Obj(
      "name" -> "new-role",
      "privileges" -> Obj(
        "resource" -> Collection("spells"),
        "actions" -> Obj("read" -> true)
      )
    )
  )
)
{
  "ref": { "@ref": "roles/new-role" },
  "class": { "@ref": "roles" },
  "ts": 1509244540009619,
  "name": "new-role",
  "privileges": {
    "resource": { "@ref": "classes/spells" },
    "actions": { "read": true }
  }
}

Was this article helpful?

We're sorry to hear that.
Tell us how we can improve!
Visit Fauna's Discourse forums or email docs@fauna.com

Thank you for your feedback!