> -----Original Message-----
> From: Mike Kear [mailto:[EMAIL PROTECTED]
> Sent: Sunday, April 15, 2007 3:20 AM
> To: CF-Talk
> Subject: Compare two lists and if one element common ...
>
> Is there an easy way to compare two lists and if there is at least one
> common value then .. do something?
>
> What I'm imagining is something like this:
>
> UserPermissions = "1000,1003,1005,1006,1007" (held in the
> session.user.cfc after login)
> Permissions required = "1003,6048,6484,7809" (part of the page
> parameters from the CMS)
>
> And this user has permission 1003 and the page requirements include
> 1003 so he's allowed here.(on the page, the permissions required would
> be OR not AND)
>
> I could do it by looping through one list looking for that value in
> the other list, but is there a simpler way?
Not that I know of (but that's not saying much).
Still - I'm not sure that you really need a simpler way. Checking
entitlements, even on a system with highly granular definitions, will really
never be a performance drag. Instead it can become a maintenance as
security requirements change - I'd make as simple to understand as possible.
My security systems (which, actually, might be useful to you) uses this
method:
<cffunction name="isEntitled"
hint="Returns true if the user is entitled to any of the specified
resources."
returntype="Boolean"
access="Public"
output="No">
<!--- Input Arguments --->
<cfargument name="GroupList" type="String" required="Yes"
hint="A list of group names to check for membership." />
<!--- Set Local Scope --->
<cfset var local = StructNew() />
<!--- Loop over the GroupList --->
<cfloop list="#arguments.GroupList#" index="local.CurGroup">
<cfif StructKeyExists(variables.Groups, local.CurGroup) >
<!--- return true --->
<cfreturn true />
</cfif>
</cfloop>
<!--- If a match wasn't found, return false --->
<cfreturn false />
</cffunction>
"Entitlements" are managed (in this system) as a structure (each key being
an entitlement). Entitlements are represented by their own objects,
accessed via a mediator that greatly improves performance via object
caching.
The whole system can be found here:
http://www.depressedpress.com/Content/Development/ColdFusion/DPLibraries/Ind
ex.cfm (look to the bottom - "Security Package"). Unfortunately I've
(still) not documented it, but I'd be happy to send a sample implementation.
Also, if you're really interested in performance savings, I've had some good
success with client-side implementations of entitlement checking for
interface generation. In short all of the interface questions (enable this
button, show this section, etc) are management client-side. However all
service-level requests (actual "work") are still handled server-side (so
even if the client-side code is tampered with the user is still unable to do
something they're not supposed to).
In a lot of systems that interface generation code outweighs the actual
service-level code by 3 or 4 to 1. Doing all of that presentation work on
the client-side can greatly reduce the server's workload.
Jim Davis
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
ColdFusion MX7 by AdobeĀ®
Dyncamically transform webcontent into Adobe PDF with new ColdFusion MX7.
Free Trial. http://www.adobe.com/products/coldfusion?sdid=RVJV
Archive:
http://www.houseoffusion.com/groups/CF-Talk/message.cfm/messageid:275268
Subscription: http://www.houseoffusion.com/groups/CF-Talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4
