Andrew Clarke

systems architect, internet developer, team leader

Security

ca.clarke.cfscaffold.Security has a function called checkRoles().  It takes a list of roles and should return true if the current user has access to perform all those roles, and false otherwise.  As implemented, this function is just a placeholder and always returns true, so every role check passes until you replace it.  It is up to you to override this function with your own version to implement roles-based security for your own application.

All CFScaffold roles start with "cfscaffold".  There is a base role that users need to have in order to use CFScaffold, which is "cfscaffold".  From there, roles have four basic flavours: create, read, update and delete.  Each entity will have a role for each CRUD task.  For example, for a Person you'll have cfscaffold_create_person, cfscaffold_read_person, cfscaffold_update_person, and cfscaffold_delete_person.  Therefore, in order to update a person, a user would need "cfscaffold" and "cfscaffold_update_person".  I can't remember without looking at the code, but I believe that person would need "cfscaffold_read_person" as well.

Your checkRoles() function should take a comma-separated list of roles, e.g. "cfscaffold_read_person,cfscaffold_update_person".  It should return true if the user matches ALL roles, and false otherwise.
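One way to write such an override, as an added example rather than CFScaffold's own code. It assumes you override by extending the component, that the argument is named `roles`, and that your login code stores the user's roles as a comma-separated list in `session.userRoles` (a hypothetical name).

```cfml
// Added example, not part of CFScaffold.
// Assumptions: override by extension, argument named "roles", and the
// application's login code populates session.userRoles (hypothetical).
component extends="ca.clarke.cfscaffold.Security" {

    public boolean function checkRoles(required string roles) {
        // No role list in the session means nobody is signed in: deny.
        if (!structKeyExists(session, "userRoles") || !len(trim(session.userRoles))) {
            return false;
        }

        // Index the roles the user holds, trimmed, for whole-name lookups.
        var held = {};
        for (var r in listToArray(session.userRoles)) {
            held[trim(r)] = true;
        }

        // Always require the base role alongside whatever was asked for.
        var required = listToArray(arguments.roles);
        arrayAppend(required, "cfscaffold");

        // ALL roles must match. Compare whole role names only: a substring
        // search would let "cfscaffold" match every other role, and would
        // let "cfscaffold_read_person" match a longer role name.
        for (var role in required) {
            if (!structKeyExists(held, trim(role))) {
                return false;
            }
        }
        return true;
    }
}
```

Any path that cannot prove the user holds a role returns false, so a missing session or an unexpected role name denies access instead of falling through to the placeholder's always-true behaviour.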
