Check out v4 of the Fauna CLI
v4 of the Fauna CLI is now in beta. The new version introduces enhancements to the developer experience, including an improved authentication workflow. To get started, check out the CLI v4 quick start. |
Role.create()
Learn: Roles |
---|
We recommend you use FSL to create and update user-defined roles. See FSL role schema. |
Create a role.
Description
The Role.create()
method creates a role with the provided data.
Only resources with an admin
key can create or manage user-defined roles.
Roles are created in the current database. To establish the same roles
throughout a database hierarchy, you must separately create identical roles in
each child database that requires them.
Staged schema
If a database has staged schema, this method adds a role to the staged schema, not the active schema.
If the database has no staged schema, using this method is equivalent to making an unstaged schema change. Changes are applied immediately to the database’s active schema.
Avoid concurrent schema changes
Concurrent unstaged schema changes can cause contended transactions, even if the changes affect different resources. This includes unstaged changes made using:
-
The Fauna CLI
-
The Fauna Dashboard
-
The Fauna Core HTTP API’s Schema endpoints
A schema change triggers a transaction that validates the entire database schema. To avoid errors, do one of the following instead:
-
Perform unstaged schema changes sequentially
Parameters
Parameter | Type | Required | Description |
---|---|---|---|
data |
Yes |
Object describing the role. |
data fields
Name | Type | Required | Description |
---|---|---|---|
name |
Yes |
A unique name. |
|
membership |
One or more membership configuration objects. See Membership definition. |
||
privileges |
Yes |
One or more privilege configuration objects. See Privileges definition. |
|
data |
User-defined metadata that stores supplemental information. |
Examples
Role.create({
name: "customer",
privileges: [
{
resource: "Product",
actions: {
read: true
}
},
{
resource: "Order",
actions: {
read: "(ref) => Query.identity() == ref.customer"
}
},
{
resource: "Customer",
actions: {
read: "(ref) => Query.identity() == ref"
}
},
{
resource: "getOrCreateCart",
actions: {
call: "(id) => Query.identity()?.id == id"
}
},
{
resource: "checkout",
actions: {
call: "(name) => true"
}
}
],
membership: [
{
resource: "Customer"
}
],
data: {
desc: "End user customer role"
}
})
{
name: "customer",
coll: Role,
ts: Time("2099-07-31T12:37:05.280Z"),
privileges: [
{
resource: "Product",
actions: {
read: true
}
},
{
resource: "Order",
actions: {
read: "(ref) => Query.identity() == ref.customer"
}
},
{
resource: "Customer",
actions: {
read: "(ref) => Query.identity() == ref"
}
},
{
resource: "getOrCreateCart",
actions: {
call: "(id) => Query.identity()?.id == id"
}
},
{
resource: "checkout",
actions: {
call: "(name) => true"
}
}
],
membership: [
{
resource: "Customer"
}
],
data: {
desc: "End user customer role"
}
}
Is this article helpful?
Tell Fauna how the article can be improved:
Visit Fauna's forums
or email docs@fauna.com
Thank you for your feedback!