Blair,
So is I create a permission called isVIP and assign my groups to it,
would is be good practice then to check permissions and add a flag to
session.dmsec in my projects login.cfm page..
I see bAdmin being set in a bLoggedIn if statement based on an
iAdminState check..
<cfset oAuthorisation = request.dmSec.oAuthorisation>
<cfset iAdminState =
oAuthorisation.checkPermission(permissionName="Admin",reference="PolicyGroup")>
<cfif iAdminState eq 1>
<!--- turn on admin permissions --->
<cfset request.mode.bAdmin = 1>
<cfset session.dmSec.authentication.bAdmin = 1>
blah blah...
If I do something like:
<cfset iVIPState =
oAuthorisation.checkPermission(permissionName="isVIP",reference="PolicyGroup")>
<cfif iVIPState eq 1>
<!--- turn on admin permissions --->
<cfset request.mode.bVIP = 1>
<cfset session.dmSec.authentication.bVIP = 1>
.....
would I be inline with good practice?
On Aug 7, 4:03 pm, "Blair McKenzie" <[EMAIL PROTECTED]> wrote:
> You're pretty much described the entire purpose of groups and permissions.
> Could you just create an extra permission, add it to each of those groups,
> then check for that permission where you would use the flag?
>
> Blair
>
> On 8/8/07, Chris Roth <[EMAIL PROTECTED]> wrote:
>
>
>
>
>
> > I'd like to check the current user's groups, and if they are a memeber
> > of a certain list of groups set a flag that I can use pretty much
> > anywhere. Where is the best place/scope (session,request??) to set
> > this... for example.
>
> > for exmaple, if I set this in the dmheader.cfm include, it does nto
> > seem to "always" be available.. (ie search results, etc.)
>
> > <cfparam name="WHATSCOPE??.VIP" default="0">
>
> > <!--- determine the policy groups (or roles) this user belongs to --->
> > <cfif isDefined("session.dmsec.authentication.lPolicyGroupIDs") and
> > listLen(session.dmsec.authentication.lPolicyGroupIDs)>
> > <!--- concatenate logged in group permissions with anonymous group
> > permissions --->
> > <cfset lpolicyGroupIds =
> > session.dmsec.authentication.lPolicyGroupIDs
> > & "," & application.dmsec.ldefaultpolicygroups>
> > <!--- check for sales partners access --->
> > <cfset lVIPGroupIDs = "18,10">
> > <cfloop list="#lVIPGroupIDs#" index="i">
> > <cfif listfind(session.dmsec.authentication.lPolicyGroupIDs
> > ,i)><cfset
> > WHATSCOPE??.VIP = 1></cfif>
> > </cfloop>
> > <cfelse>
> > <!--- user not logged in, assume anonymous permissions --->
> > <cfset lpolicyGroupIds = application.dmsec.ldefaultpolicygroups>
> > </cfif>- Hide quoted text -
>
> - Show quoted text -
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"farcry-dev" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/farcry-dev?hl=en
-~----------~----~----~----~------~----~------~--~---
