CFLib.org – Common Function Library Project

SecureMX(mode, requiredPermission, userPermissions[, failureXFA])

Last updated October 15, 2002

author

Rob Rusher

Version: 1 | Requires: CF6 | Library: SecurityLib

Description:
This function is based on the secure.cfm customtag used in FuseBox 3 and authored by Hal Helms. This function validates user permissions against required permissions for code execution using either Bit, List or custom validation.

Return Values:
Returns a boolean.

Example:

<!---
<cfset objPermission="4">
<cfset userPermissions="20">
<p>
<strong>Example 1: Bit Validation</strong><br />
<cfif secureMX( "bit", objPermission, userPermissions )>
	Permission Granted. Execute some code...
<cfelse>
	Permission Denied.
</cfif>
</p>
<cfset objPermission="Admin">
<cfset userPermissions="User">
<p>
<strong>Example 2: List Validation</strong><br />
<cfif secureMX( "List", objPermission, userPermissions )>
	Permission Granted. Execute some code...
<cfelse>
	Permission Denied.
</cfif>
</p>

<cfset objPermission="objRights">
<cfset userPermissions="stUserRights">
<p>
<strong>Example 3: Custom Validation</strong><br />
<cfif secureMX( "customModel", objPermission, userPermissions )>
	Permission Granted. Execute some code...
<cfelse>
	Permission Denied.
</cfif>

<cfset objPermission="Admin">
<cfset userPermissions="User">
<p>
<strong>Example 4: Validation with XFA</strong><br />
<cfif secureMX( "List", objPermission, userPermissions, "login.cfm" )>
	Permission Granted. Execute some code...
<cfelse>
	Permission Denied.
</cfif>
--->

Parameters:

Name Description Required
mode String, "bit" or "list" Yes
requiredPermission Permissions required for access. Yes
userPermissions Permissions of the user. Yes
failureXFA Fusebox XFA No

Full UDF Source:

/**
 * This function validates user permissions against required permissions using either Bit, List or custom validation.
 * 
 * @param mode 	 String, "bit" or "list" (Required)
 * @param requiredPermission 	 Permissions required for access. (Required)
 * @param userPermissions 	 Permissions of the user. (Required)
 * @param failureXFA 	 Fusebox XFA (Optional)
 * @return Returns a boolean. 
 * @author Rob Rusher (rob@robrusher.com) 
 * @version 1, October 15, 2002 
 */
function SecureMX(model, requiredPermission, userPermissions) {
	var permitted = false;
	// Switch to appropriate security model
	switch( model ) {
		// Bit Validation
		case "bit":
		{
			if ( BitAnd( userPermissions, requiredPermission ) ) {
				permitted = true;
			}
			break;
		}
		// List Validation
		case "list":
		{
			if ( ListFindNoCase( userPermissions, requiredPermission ) ) {
				permitted = true;
			}
			break;
		}
		// Define custom validation here
		default:
		{
			include( model & ".cfm" );
			permitted = true;
		}
	}
	
	// If not permitted and an Exit FuseAction is defined
	if ( NOT permitted and isDefined( "attributes.failureXFA" ) ) {
		location( "#request.self#?fuseaction=#attributes.failureXFA#", 1 );
	}
	
	return (permitted);
}
blog comments powered by Disqus

Search CFLib.org


Latest Additions

Kevin Cotton added
date2ExcelDate
May 5, 2016

Raymond Camden added
CapFirst
April 25, 2016

Chris Wigginton added
loremIpsum
January 18, 2016

Gary Stanton added
calculateArrival...
November 19, 2015

Sebastiaan Naafs - van Dijk added
getDaysInQuarter
November 13, 2015

Created by Raymond Camden / Design by Justin Johnson