SecureMX(mode, requiredPermission, userPermissions [, failureXFA])
Last updated October 15, 2002
Version: 1 | Requires: ColdFusion MX | Library: SecurityLib
Description:
This function is based on the secure.cfm customtag used in FuseBox 3 and authored by Hal Helms. This function validates user permissions against required permissions for code execution using either Bit, List or custom validation.
Return Values:
Returns a boolean.
Example:
<cfset objPermission="4">
<cfset userPermissions="20">
<p>
<strong>Example 1: Bit Validation</strong><br />
<cfif secureMX( "bit", objPermission, userPermissions )>
Permission Granted. Execute some code...
<cfelse>
Permission Denied.
</cfif>
</p>
<cfset objPermission="Admin">
<cfset userPermissions="User">
<p>
<strong>Example 2: List Validation</strong><br />
<cfif secureMX( "List", objPermission, userPermissions )>
Permission Granted. Execute some code...
<cfelse>
Permission Denied.
</cfif>
</p>
<cfset objPermission="objRights">
<cfset userPermissions="stUserRights">
<p>
<strong>Example 3: Custom Validation</strong><br />
<cfif secureMX( "customModel", objPermission, userPermissions )>
Permission Granted. Execute some code...
<cfelse>
Permission Denied.
</cfif>
<cfset objPermission="Admin">
<cfset userPermissions="User">
<p>
<strong>Example 4: Validation with XFA</strong><br />
<cfif secureMX( "List", objPermission, userPermissions, "login.cfm" )>
Permission Granted. Execute some code...
<cfelse>
Permission Denied.
</cfif>
--->
Parameters:
| Name | Description | Required |
|---|---|---|
| mode | String, "bit" or "list" | Yes |
| requiredPermission | Permissions required for access. | Yes |
| userPermissions | Permissions of the user. | Yes |
| failureXFA | Fusebox XFA | No |
Full UDF Source:
<cfscript>
/**
* This function validates user permissions against required permissions using either Bit, List or custom validation.
*
* @param mode String, "bit" or "list" (Required)
* @param requiredPermission Permissions required for access. (Required)
* @param userPermissions Permissions of the user. (Required)
* @param failureXFA Fusebox XFA (Optional)
* @return Returns a boolean.
* @author Rob Rusher (rob@robrusher.com)
* @version 1, October 15, 2002
*/
function SecureMX(model, requiredPermission, userPermissions) {
var permitted = false;
// Switch to appropriate security model
switch( model ) {
// Bit Validation
case "bit":
{
if ( BitAnd( userPermissions, requiredPermission ) ) {
permitted = true;
}
break;
}
// List Validation
case "list":
{
if ( ListFindNoCase( userPermissions, requiredPermission ) ) {
permitted = true;
}
break;
}
// Define custom validation here
default:
{
include( model & ".cfm" );
permitted = true;
}
}
// If not permitted and an Exit FuseAction is defined
if ( NOT permitted and isDefined( "attributes.failureXFA" ) ) {
location( "#request.self#?fuseaction=#attributes.failureXFA#", 1 );
}
return (permitted);
}
</cfscript>
Search CFLib.org
Latest Additions
arrayTrim
10 day(s) ago
longTime
15 day(s) ago
quickSort
25 day(s) ago
GetHostAddress
28 day(s) ago
Top Rated
Rated 5.0, 16 time(s)
Rated 5.0, 13 time(s)
Rated 5.0, 10 time(s)
Rated 5.0, 4 time(s)