Describe the bug
Using ml-gradle 4.1.1 version ,we are able to deploy the TDE templates but the permissions are not added the templates

To Reproduce
Try running mlDeploy to deploy the TDE templates to App specific Schemas database.

Expected behavior
TDE templates are loaded into App specific Schemas database with the permissions set in permission.properties

Sample project code :
scout-bug.zip

Raised as per the discussion on stackoverflow question https://stackoverflow.com/questions/74277295/add-permissions-for-tde-templates-using-ml-gradle?noredirect=1#comment131252355_74277295

Thanks for the submission, and will respond to the SO post.

Actually I'll respond here first - in your example, you have this in permissions.properties:

*.tdex=scoutml-admin,read,scoutml-admin,update,scoutml-admin,insert,scoutml-admin,execute,scoutml-admin,node-update,scoutml-reader,read,scoutml-reader,execute

*.tdex isn't supported per the docs at https://github.com/marklogic-community/ml-javaclient-util/wiki/Loading-files#specifying-collections-and-permissions . Only *=role,capability,etc is supported as a way of defining default permissions for every file in a directory.

Can you try that out and see if it works in your project? In your SO post, you do mention using * by itself, but maybe you were using *.tdex?

Hi @rjrudin , I tried using only the *=role,capability,etc to set the permissions for every file in a directory but getting Build failed error in Jenkins.PFA the sample project and build log for the same.
build_log.txt
scout-bug-star.zip

And do we need to have ml-config folder with content-database.json and schemas-database.json for this to work? I have configured mlContentDatabaseName and mlSchemasDatabaseName in gradle.properties,so is it required to explicitly set in ml-config?

ml-gradle defaults to creating a REST API instance (unless mlNoRestServer=true), which includes a content database. But that content database by default points to the OOTB Schemas database. You can stick with that, but it's more common to include the two files you mentioned:

• schema-database.json usually only needs a database-name in it
• content-database.json then will have database-name and schema-database in it, with the latter having a value matching the name of your schema database

ml-gradle will use the two properties you mentioned - mlContentDatabaseName and mlSchemasDatabaseName - to populate a couple tokens for convenience that you can include in your files (this was done before all ml* properties were made available for use in resource files).

This example project is worth looking at - https://github.com/marklogic-community/ml-gradle/tree/master/examples/schemas-project/src/main

For the null-pointer error - did some testing and that's a bug - "node-update" isn't yet supported. We'll get a new patch release of ml-gradle out soon to address that.

However, odds are you only need read/update permissions on your schema. So I would just do the following:

*=scoutml-reader,read,scoutml-admin,update

That assumes that your scoutml-admin role inherits scoutml-reader. If not, just append ,scoutml-admin,read .

Bug opened at marklogic/ml-javaclient-util#159 . @antonymadonnaa thanks for the helpful feedback here, and again, we'll have a patch release out soon (though in the meantime, you should be fine with the read/update usage shown above).

Hi @rjrudin , I think you are right, after I removed the node-update capability from permissions.properties, now the other permissions are set to the templates. Thank you so much for your quick response and helping out in resolving this.You can close this bug if there are no pending actions.