Barneyb, I see what you are saying, and part of my ideas come from the fact that I am very new to this kind of higher level of thinking. My concern with directly accessing the User object is that lets say for instance (and I am not going to do this, but what if...) I wanted to change the security rules. If my CFIF statements are based directly on the Roles the user knows, then I might have to go back and change all the CFIF statements. However, if I have a controller object, then I would change the code in one CFC method or so, and the CFIF statements could stay the same.
Of course, I could also change the HasRole method, but that is really just a property getter and changing the rules in that would not feel "right". Thanks, Ben -----Original Message----- From: Barney Boisvert [mailto:[EMAIL PROTECTED] Sent: Monday, July 18, 2005 3:01 PM To: CF-Talk Subject: Re: Nested CFC Method calls Your security manager isn't applying the roles, the code calling the security manager is. That is, this line: <cfif SecurityController.HasAccess(User, "publications")>....</cfif> is applying the roles to the application, not the hasAccess method of the security manager. That line ought to read: <cfif user.hasRole("publications")>...</cfif> It's still the CFIF applying the information, just it's getting the required info in a much more direct and easy to read fashion. cheers, barneyb On 7/18/05, Ben Nadel <[EMAIL PROTECTED]> wrote: > I was thinking about going directly to the User and skipping the > SecurityController, but then I felt that the user should know about how its > access is applied. Meaning that, while a user might know its own roles, only > the Security system itself should understand how the roles are applied to > the application. > > That just made more sense in my mind. > > Thanks, > Ben > -- Barney Boisvert [EMAIL PROTECTED] 360.319.6145 http://www.barneyb.com/ Got Gmail? I have 50 invites. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Logware (www.logware.us): a new and convenient web-based time tracking application. Start tracking and documenting hours spent on a project or with a client with Logware today. Try it for free with a 15 day trial account. http://www.houseoffusion.com/banners/view.cfm?bannerid=67 Message: http://www.houseoffusion.com/lists.cfm/link=i:4:212148 Archives: http://www.houseoffusion.com/cf_lists/threads.cfm/4 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=11502.10531.4 Donations & Support: http://www.houseoffusion.com/tiny.cfm/54
