# Aerospike::grantRoles

Aerospike::grantRoles - Add roles to user's list of roles in a security-enabled Aerospike database

## Description

```
public int grantRoles ( string $user, array $roles [, array $options ] )
```

**Aerospike::grantRoles()** will add roles to a user's list of roles.

## Parameters

**user** string username.

**roles** an array of new roles to be assigned to the user.

**[options](aerospike.md)** including
- **Aerospike::OPT_WRITE_TIMEOUT**

## Return Values

Returns an integer status code.  Compare to the Aerospike class status
constants.  When non-zero the **Aerospike::error()** and
**Aerospike::errorno()** methods can be used.

## Example

```php
<?php

$config = ["hosts" => [["addr"=>"localhost", "port"=>3000]],
           "shm"=>[],
           "user"=>"admin", "pass"=>"admin"];
$client = new Aerospike($config, true);
if (!$client->isConnected()) {
   echo "Aerospike failed to connect[{$client->errorno()}]: {$client->error()}\n";
   exit(1);
}

$res = $client->grantRoles("john", array("read-write", "sys-admin"));
if ($res == Aerospike::OK) {
    echo "read-write and sys-admin roles successfully granted to user john";
} elseif ($res == Aerospike::ERR_ROLE_VIOLATION) {
    echo "User does not possess the required role to grant new roles";
} elseif ($res == Aerospike::ERR_INVALID_ROLE) {
    echo "Invalid Role being attempted to be assigned to user john";
} else {
    echo "[{$client->errorno()}] ".$client->error();
}

?>
```

We expect to see:

```
read-write and sys-admin roles successfully granted to user john
```