Check out v4 of the Fauna CLI

v4 of the Fauna CLI is now in beta.

The new version introduces enhancements to the developer experience, including an improved authentication workflow. To get started, check out the CLI v4 quick start.

role.replace()

Learn: Roles

We recommend you use FSL to create and update user-defined roles. See FSL role schema.

Replace a role.

Signature

replace(object: {*: Any}) => Role

Description

The replace() method replaces a role with the object supplied. This method removes any fields on the existing role that aren’t supplied by the object, with some exceptions. The immutable metadata fields coll and ts aren’t removed and can’t be replaced.

The object must include the required fields.

Staged schema

If a database has staged schema, this method interacts with the database’s staged schema, not the active schema.

You can’t rename a role while a database has staged schema.

If the database has no staged schema, using this method is equivalent to making an unstaged schema change. Changes are applied immediately to the database’s active schema.

Avoid concurrent schema changes

Concurrent unstaged schema changes can cause contended transactions, even if the changes affect different resources. This includes unstaged changes made using:

A schema change triggers a transaction that validates the entire database schema. To avoid errors, do one of the following instead:

Parameters

Parameter Type Required Description

data

Object

Yes

Object describing the role.

data fields

Name Type Required Description

name

String

Yes

Unique name.

privileges

Array

Yes

One or more privilege configuration objects. See Privileges definition.

membership

Array

One or more membership configuration objects. See Membership definition.

data

Object

User-defined metadata that stores supplemental information.

Return value

Type Description

Role

A document with replaced fields.

Examples

Role.byName("manager")?.replace({
  name: "manager",
  privileges: [
    {
      resource: "OrderItem",
      actions: {
        create: true,
        read: true,
        write: true,
        delete: true
      }
    },
    {
      resource: "Customer",
      actions: {
        read: true
      }
    },
    {
      resource: "Manager",
      actions: {
        read: "(doc) => Query.identity() == doc && Date.today().dayOfWeek < 6"
      }
    },
    {
      resource: "getOrCreateCart",
      actions: {
        call: true
      }
    },
    {
      resource: "checkout",
      actions: {
        call: <<-END
          (args) => {
            let order = Order.byId(args[0])!
            order?.customer == Query.identity()
          }
        END
      }
    }
  ],
  membership: [
    {
      resource: "Manager"
    },
    {
      resource: "User",
      predicate: "(user) => user.accessLevel == \"manager\""
    }
  ]
})
{
  name: "manager",
  coll: Role,
  ts: Time("2099-10-28T16:14:20.640Z"),
  privileges: [
    {
      resource: "OrderItem",
      actions: {
        create: true,
        read: true,
        write: true,
        delete: true
      }
    },
    {
      resource: "Customer",
      actions: {
        read: true
      }
    },
    {
      resource: "Manager",
      actions: {
        read: "(doc) => Query.identity() == doc && Date.today().dayOfWeek < 6"
      }
    },
    {
      resource: "getOrCreateCart",
      actions: {
        call: true
      }
    },
    {
      resource: "checkout",
      actions: {
        call: <<-END
          (args) => {
            let order = Order.byId(args[0])!
            order?.customer == Query.identity()
          }
        END
      }
    }
  ],
  membership: [
    {
      resource: "Manager"
    },
    {
      resource: "User",
      predicate: "(user) => user.accessLevel == \"manager\""
    }
  ]
}

Is this article helpful? 

Tell Fauna how the article can be improved:
Visit Fauna's forums or email docs@fauna.com

Thank you for your feedback!