Function document definition
Fields
| Field | Type | Description |
|---|---|---|
|
Name of the function. Can’t be |
|
|
Document collection name. |
|
|
Most recent document update timestamp. |
|
|
FQL expression. |
|
|
(Optional) Role to use when the function is called. Only included if role is provided when the UDF is created. Can be a built-in role, |
Functions and roles
When creating a UDF, it is important to consider interactions between the
potential roles of the caller and that of the function role. A UDF cannot
invoke an action that exceeds the assigned role privileges. For example, a UDF
designed for a write operation fails on execution if it has an assigned role
limited to read privileges.
An authenticated caller who is a member of a user-defined Role with limited
privileges can execute any function with a role that grants the call
action privilege. The call action permits the function to execute even if it
results in actions that exceed the limited privileges of the caller.
Assigning a role with the call action privilege is useful in many scenarios.
For example, a complete_order function can be created with a role, such as
admin. Such a function can complete a financial transaction and access
database resources the caller cannot access.
|
Be careful when assigning roles with |
Examples
Access the Function definition object:
{
name: "Double",
coll: Function,
ts: "2023-04-22T13:19:08.080x",
body: "(x) => x + x",
role: "admin"
}Is this article helpful?
Tell Fauna how the article can be improved:
Visit Fauna's forums
or email docs@fauna.com
Thank you for your feedback!