`Role.create()`

We recommend you use FSL to create and update user-defined roles. See FSL role schema.

Create a role.

Signature

Role.create(data: {*: Any}) => Role

Description

The Role.create() method creates a role with the provided data.

Only resources with an admin key can create or manage user-defined roles. Roles are created in the current database. To establish the same roles throughout a database hierarchy, you must separately create identical roles in each child database that requires them.

Considerations

If a database has staged schema, this method adds a role to the staged schema, not the active schema.

If the database has no staged schema, using this method is equivalent to making an unstaged schema change. Changes are applied immediately to the database’s active schema.

Avoid concurrent schema changes

Concurrent unstaged schema changes can cause contended transactions, even if the changes affect different resources. This includes unstaged changes made using:

A schema change triggers a transaction that validates the entire database schema. To avoid errors, do one of the following instead:

Run staged schema changes
Perform unstaged schema changes sequentially

Parameters

Parameter	Type	Required	Description
data	Object	Yes	Object describing the role.

Parameter

Type

Required

Description

data

Object

Yes

Object describing the role.

data fields

Name	Type	Required	Description
name	String	Yes	A unique name.
membership	Array		One or more membership configuration objects. See Membership definition.
privileges	Array	Yes	One or more privilege configuration objects. See Privileges definition.
data	Object		User-defined metadata that stores supplemental information.

Name

Type

Required

Description

name

String

Yes

A unique name.

membership

Array

One or more membership configuration objects. See Membership definition.

privileges

Array

Yes

One or more privilege configuration objects. See Privileges definition.

data

Object

User-defined metadata that stores supplemental information.

Return value

Type	Description
Role	A `Role` document.

Examples

Role.create({
  name: "customer",
  privileges: [
    {
      resource: "Product",
      actions: {
        read: true
      }
    },
    {
      resource: "Order",
      actions: {
        read: "(ref) => Query.identity() == ref.customer"
      }
    },
    {
      resource: "Customer",
      actions: {
        read: "(ref) => Query.identity() == ref"
      }
    },
    {
      resource: "getOrCreateCart",
      actions: {
        call: "(id) => Query.identity()?.id == id"
      }
    },
    {
      resource: "checkout",
      actions: {
        call: "(name) => true"
      }
    }
  ],
  membership: [
    {
      resource: "Customer"
    }
  ],
  data: {
    desc: "End user customer role"
  }
})

{
  name: "customer",
  coll: Role,
  ts: Time("2099-07-31T12:37:05.280Z"),
  privileges: [
    {
      resource: "Product",
      actions: {
        read: true
      }
    },
    {
      resource: "Order",
      actions: {
        read: "(ref) => Query.identity() == ref.customer"
      }
    },
    {
      resource: "Customer",
      actions: {
        read: "(ref) => Query.identity() == ref"
      }
    },
    {
      resource: "getOrCreateCart",
      actions: {
        call: "(id) => Query.identity()?.id == id"
      }
    },
    {
      resource: "checkout",
      actions: {
        call: "(name) => true"
      }
    }
  ],
  membership: [
    {
      resource: "Customer"
    }
  ],
  data: {
    desc: "End user customer role"
  }
}

Is this article helpful?

Tell Fauna how the article can be improved:
Visit Fauna's forums or email docs@fauna.com

Thank you for your feedback!