CFLib.org – Common Function Library Project

SecureMX(mode, requiredPermission, userPermissions [, failureXFA])

Last updated October 15, 2002
Download UDF

author

Rob Rusher Rob Rusher

Version: 1 | Requires: ColdFusion MX | Library: SecurityLib

Description:
This function is based on the secure.cfm customtag used in FuseBox 3 and authored by Hal Helms. This function validates user permissions against required permissions for code execution using either Bit, List or custom validation.

Return Values:
Returns a boolean.

Example:

<!---
<cfset objPermission="4">
<cfset userPermissions="20">
<p>
<strong>Example 1: Bit Validation</strong><br />
<cfif secureMX( "bit", objPermission, userPermissions )>
    Permission Granted. Execute some code...
<cfelse>
    Permission Denied.
</cfif>
</p>
<cfset objPermission="Admin">
<cfset userPermissions="User">
<p>
<strong>Example 2: List Validation</strong><br />
<cfif secureMX( "List", objPermission, userPermissions )>
    Permission Granted. Execute some code...
<cfelse>
    Permission Denied.
</cfif>
</p>

<cfset objPermission="objRights">
<cfset userPermissions="stUserRights">
<p>
<strong>Example 3: Custom Validation</strong><br />
<cfif secureMX( "customModel", objPermission, userPermissions )>
    Permission Granted. Execute some code...
<cfelse>
    Permission Denied.
</cfif>

<cfset objPermission="Admin">
<cfset userPermissions="User">
<p>
<strong>Example 4: Validation with XFA</strong><br />
<cfif secureMX( "List", objPermission, userPermissions, "login.cfm" )>
    Permission Granted. Execute some code...
<cfelse>
    Permission Denied.
</cfif>
--->

Parameters:

Name Description Required
mode String, "bit" or "list" Yes
requiredPermission Permissions required for access. Yes
userPermissions Permissions of the user. Yes
failureXFA Fusebox XFA No

Full UDF Source:

<cfscript>
/**
* This function validates user permissions against required permissions using either Bit, List or custom validation.
*
* @param mode      String, "bit" or "list" (Required)
* @param requiredPermission      Permissions required for access. (Required)
* @param userPermissions      Permissions of the user. (Required)
* @param failureXFA      Fusebox XFA (Optional)
* @return Returns a boolean.
* @author Rob Rusher (rob@robrusher.com)
* @version 1, October 15, 2002
*/
function SecureMX(model, requiredPermission, userPermissions) {
    var permitted = false;
    // Switch to appropriate security model
    switch( model ) {
        // Bit Validation
        case "bit":
        {
            if ( BitAnd( userPermissions, requiredPermission ) ) {
                permitted = true;
            }
            break;
        }
        // List Validation
        case "list":
        {
            if ( ListFindNoCase( userPermissions, requiredPermission ) ) {
                permitted = true;
            }
            break;
        }
        // Define custom validation here
        default:
        {
            include( model & ".cfm" );
            permitted = true;
        }
    }
    
    // If not permitted and an Exit FuseAction is defined
    if ( NOT permitted and isDefined( "attributes.failureXFA" ) ) {
        location( "#request.self#?fuseaction=#attributes.failureXFA#", 1 );
    }
    
    return (permitted);
}
</cfscript>

Search CFLib.org


Latest Additions

Jose Diaz-Salcedo Jose Diaz-Salcedo added
cfRssFeed
2 day(s) ago

Raymond Compton Raymond Compton added
structBlend
23 day(s) ago

Duncan Duncan added
IsZIPUK
23 day(s) ago

Todd Sharp Todd Sharp added
getTagContentAll
29 day(s) ago

Gerald Guido Gerald Guido added
ListReturnDuplicat...
1 month(s) ago

Created by Raymond Camden / Design by Justin Johnson

Copyright 2008, All Rights Reserved
Submit A UDF | RSS