CFLib.org – Common Function Library Project

SecureMX(mode, requiredPermission, userPermissions[, failureXFA])

Last updated October 15, 2002

author

Rob Rusher

Version: 1 | Requires: CF6 | Library: SecurityLib

Description:
This function is based on the secure.cfm customtag used in FuseBox 3 and authored by Hal Helms. This function validates user permissions against required permissions for code execution using either Bit, List or custom validation.

Return Values:
Returns a boolean.

Example:

<!---
<cfset objPermission="4">
<cfset userPermissions="20">
<p>
<strong>Example 1: Bit Validation</strong><br />
<cfif secureMX( "bit", objPermission, userPermissions )>
    Permission Granted. Execute some code...
<cfelse>
    Permission Denied.
</cfif>
</p>
<cfset objPermission="Admin">
<cfset userPermissions="User">
<p>
<strong>Example 2: List Validation</strong><br />
<cfif secureMX( "List", objPermission, userPermissions )>
    Permission Granted. Execute some code...
<cfelse>
    Permission Denied.
</cfif>
</p>

<cfset objPermission="objRights">
<cfset userPermissions="stUserRights">
<p>
<strong>Example 3: Custom Validation</strong><br />
<cfif secureMX( "customModel", objPermission, userPermissions )>
    Permission Granted. Execute some code...
<cfelse>
    Permission Denied.
</cfif>

<cfset objPermission="Admin">
<cfset userPermissions="User">
<p>
<strong>Example 4: Validation with XFA</strong><br />
<cfif secureMX( "List", objPermission, userPermissions, "login.cfm" )>
    Permission Granted. Execute some code...
<cfelse>
    Permission Denied.
</cfif>
--->

Parameters:

Name Description Required
mode String, "bit" or "list" Yes
requiredPermission Permissions required for access. Yes
userPermissions Permissions of the user. Yes
failureXFA Fusebox XFA No

Full UDF Source: 

/**
 * This function validates user permissions against required permissions using either Bit, List or custom validation.
 * 
 * @param mode      String, "bit" or "list" (Required)
 * @param requiredPermission      Permissions required for access. (Required)
 * @param userPermissions      Permissions of the user. (Required)
 * @param failureXFA      Fusebox XFA (Optional)
 * @return Returns a boolean. 
 * @author Rob Rusher (rob@robrusher.com) 
 * @version 1, October 15, 2002 
 */
function SecureMX(model, requiredPermission, userPermissions) {
    var permitted = false;
    // Switch to appropriate security model
    switch( model ) {
        // Bit Validation
        case "bit":
        {
            if ( BitAnd( userPermissions, requiredPermission ) ) {
                permitted = true;
            }
            break;
        }
        // List Validation
        case "list":
        {
            if ( ListFindNoCase( userPermissions, requiredPermission ) ) {
                permitted = true;
            }
            break;
        }
        // Define custom validation here
        default:
        {
            include( model & ".cfm" );
            permitted = true;
        }
    }
    
    // If not permitted and an Exit FuseAction is defined
    if ( NOT permitted and isDefined( "attributes.failureXFA" ) ) {
        location( "#request.self#?fuseaction=#attributes.failureXFA#", 1 );
    }
    
    return (permitted);
}

Search CFLib.org


Latest Additions

Raymond Camden added
QueryDeleteRows
November 04, 2017

Leigh added
nullPad
May 11, 2016

Raymond Camden added
stripHTML
May 10, 2016

Kevin Cotton added
date2ExcelDate
May 05, 2016

Raymond Camden added
CapFirst
April 25, 2016

Created by Raymond Camden / Design by Justin Johnson

Copyright 2018, All Rights Reserved
Submit A UDF | RSS