CFLib.org – Common Function Library Project

Secure(model, requiredPermission, userPermissions)

Last updated September 27, 2002

author

Rob Rusher

Version: 1 | Requires: CF5 | Library: SecurityLib

Description:
This function is based on the secure.cfm customtag used in FuseBox 3 and authored by Hal Helms. This function validates user permissions against required permissions for code execution using either Bit, List or custom validation.

Return Values:
Returns a boolean.

Example:

<cfset objPermission="4">
<cfset userPermissions="20">
<cfoutput>
<p>
<strong>Example 1: Bit Validation</strong><br />
<cfif secure( "bit", objPermission, userPermissions )>
    Permission Granted. Execute some code...
<cfelse>
    Permission Denied.
</cfif>
</p>
<cfset objPermission="Admin">
<cfset userPermissions="User">
<p>
<strong>Example 2: List Validation</strong><br />
<cfif secure( "List", objPermission, userPermissions )>
    Permission Granted. Execute some code...
<cfelse>
    Permission Denied.
</cfif>
</p>

<cfset objPermission="objRights">
<cfset userPermissions="stUserRights">
<p>
<strong>Example 3: Custom Validation</strong><br />
<cfif secure( "customModel", objPermission, userPermissions )>
    Permission Granted. Execute some code...
<cfelse>
    Permission Denied.
</cfif>

</cfoutput>

Parameters:

Name Description Required
model String, "bit" or "list" Yes
requiredPermission Permissions required for access. Yes
userPermissions Permissions of the user. Yes

Full UDF Source: 

/**
 * This function validates user permissions against required permissions using Bit, List or custom validation.
 * 
 * @param model      String, "bit" or "list" (Required)
 * @param requiredPermission      Permissions required for access. (Required)
 * @param userPermissions      Permissions of the user. (Required)
 * @return Returns a boolean. 
 * @author Rob Rusher (rob@robrusher.com) 
 * @version 1, September 27, 2002 
 */
function Secure(model, requiredPermission, userPermissions) {
    var permitted = false;
    // Switch to appropriate security model
    switch( model ) {
        // Bit Validation
        case "bit":
        {
            if ( BitAnd( userPermissions, requiredPermission ) ) {
                permitted = true;
            }
            break;
        }
        // List Validation
        case "list":
        {
            if ( ListFindNoCase( userPermissions, requiredPermission ) ) {
                permitted = true;
            }
            break;
        }
        default: {
            // Define custom validation here.
            permitted = true;
        }
    }
    
    return (permitted);
}

Search CFLib.org


Latest Additions

Raymond Camden added
QueryDeleteRows
November 04, 2017

Leigh added
nullPad
May 11, 2016

Raymond Camden added
stripHTML
May 10, 2016

Kevin Cotton added
date2ExcelDate
May 05, 2016

Raymond Camden added
CapFirst
April 25, 2016

Created by Raymond Camden / Design by Justin Johnson

Copyright 2018, All Rights Reserved
Submit A UDF | RSS