Re: secure tag and permissions

[Steve Nelson]

While I don't agree with your method of security, I would never say it's wrong...... if you would change one minor minor thing for me. First of all, compare these: 1) <cfif isMember(groupsthatCanReadArticles)> 2) <cfif userhaspermissions(listofpermissions, canreadarticles)> 3) <cfif listfind("canreadarticles, caneditcarticles, candeletearticles", "canreadarticles")> 4) <cfif canreadarticles> 5) <cfif articlereadergroup> Now, out of those 5, which are tied to one specific security model and which are not? 1, 2 and 3 are. 4 and 5 have NOTHING to do with any particular security model. They are merely boolean values. What I'm asking that you do, is ignore the fact that you check a series of groups and Hal checks a series of permissions. It honestly doesn't matter, it's a matter of semantics. Both methods can be boiled down to simple boolean variables. Your fusedocs, fuseactions and circuits will define the necessary boolean variables it needs to work, and your security model will define those variables. It's that simple. When you realize the true power of what Hal is suggesting, the only thing you have to do is unplug your security model and plug another one in it's place, your fuses, fuseactions and circuits will (should) continue to work like they did before. Steve         Lee Borkman wrote: Hi Roger, The Coder can choose to do either of those things, but creating those low-level Permissions flags (an intermediate step) is entirely optional.  See my reply to Patrick. I am just as likely to do this: <cfset groupsThatCanRead = "Web Unit, WWR-users, contractors"> ... <cfif isMember(groupsThatCanReadArticles)>   Read articles </cfif> Thanks, LeeBB ----- Original Message ----- From: Roger B.   Patrick McElhaney wrote: > That is, instead of > <cfif hasReadArticlePermission>Read this article</cfif> > <cfif hasSearchArticlePermission>Search this article</cfif> > > this works okay for you: > <cfif isArticleReader> >   Read this article >   Search this article > </cfif> Now you have me wondering if I've been reading Lee all wrong... I never even considered that his thinking might be along those lines. Instead, I figured he was thinking: <cfif isArticleReader>      <cfset hasReadArticlePermission = true>      <cfset hasSearchArticlePermissioon = true> </cfif> <cfif hasReadArticlePermission>Read this article</cfif> <cfif hasSearchArticlePermission>Search this article</cfif>   ==^================================================================ This email was sent to: archive@jab.org EASY UNSUBSCRIBE click here: http://topica.com/u/?bUrFMa.bV0Kx9 Or send an email to: [EMAIL PROTECTED] T O P I C A -- Register now to manage your mail! http://www.topica.com/partner/tag02/register ==^================================================================