Thanks Sean,
In my 'homegrown' access control, I usually give users membership of various
groups, depending on their level and function, as most people do, but then I
found I couldn't control access based on parts of it. So a user who has a
"roles" value of "Admin,Owner" wouldn't be accepted as either "Admin" or
"Owner" If I used the function as follows:
<cfif IsUserInRole("Admin")>
...Admin stuff here ...
</cfif>
Then my user who has the role "Admin,Owner" wouldn't get that info.
The first thing I'd do when trying to debug this is to look at what value
was ACTUALLY stored as the user's roles, to verify it was what I thought it
ought to be. So I wanted to check what was actually in the scope for that
user, to check I hadn't made an error in the query. What I'd be doing if I
had rolled my own was look at a CFDUMP of the SESSION. That's how come I
tried to see where this info is stored. What scope holds the
struct/array/whatever that holds the user's details as provided in the login
routine? It's not in SESSION and its not in REQUEST or APPLICATION.
Cheers
Mike Kear
Windsor, NSW, Australia
AFP Webworks
http://afpwebworks.com
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Sean Corfield
Subject: [cfaussie] Re: Question about CFMX CFLOGIN framework
On Tue, 10 Aug 2004 14:51:38 +1000, Michael Kear <[EMAIL PROTECTED]>
wrote:
> [B] Am I understanding the roles functionality correctly in that users can
> only be in one group - that the isUserInRole() function can only reference
> an entire field and not a part of a field. (i.e. you can have roles like
> "Admin" and "Owner" but not "Admin,Owner,Contributor" unless you are
going
> to reference them as follows: isUserInRole("Admin,Owner,Contributor") )
When you log a user in, you specify a comma-separated list of roles
that they have. So if you said:
<cfloginuser ... roles="Admin,Owner,Contributor" ... />
then you would say:
isUserInRole("Admin")
At least that's my understanding.
What you can't get (easily) is the list of roles that the currently
logged in user has been assigned (if you know all possible roles you
can loop over them calling isUserInRole() to build the list - yuk!)
> [C] Where are the user's variables stored? They don't appear to be part
of
> the session scope.
What "user's variables"? The idea is that you you use <cflogin> /
<cfloginuser> to authenticate users but store whatever data you want
in session scope.
---
You are currently subscribed to cfaussie as: [EMAIL PROTECTED]
To unsubscribe send a blank email to [EMAIL PROTECTED]
Aussie Macromedia Developers: http://lists.daemon.com.au/
