The Robertson Team






















  Programmers' Tools >  AccessMonger Pro >  FAQ >  Can I Nest Permissions?

Can I Nest Permissions?

Once you are comfortable with the concept of roles, yes.  This is one more way to add flexibility to your access control system.  Lets say you have the following roles set up to work within foo.cfm:

Roles for foo.cfm







First of all, note that each role is prefaced by the template name, without the extension.  This is a good way to organize your roles so that when viewing roles in the system, profile and individual user role managers each role stays together with its siblings.

The first role is the filename only.  This role is used to determine if a page is going to be accessible or not.  Here's something similar to what you would do in AMPro to do this.  You would put it right at the top of the page (we don't show the actual code due to security considerations):

<cfinclude template="permissions.cfm">
<cfif CompareNoCase(,"Y")>
     <cflocation url="login.cfm" addtoken="No">
     or some other suitable action of your choice


Then lets say for the sake of argument that right afterwards your code has links to some edit actions.  If the user has no rights to edit the page, then you don't want to even bother checking for approval and publishing rights.  So you set it up like this:

<cfinclude template="permissions.cfm">
<cfif not CompareNoCase(,"Y")>
     <!--- show editor-specific stuff here --->
     <cfinclude template="permissions.cfm">
     <cfif not CompareNoCase(,"Y")>
          <!--- show approval button here--->
     <cfinclude template="permissions.cfm">
     <cfif not CompareNoCase(,"Y")>
          <!--- show publish button here --->

Simple enough.  Note that using roles to their fullest extent will magnify your processing of a page by a bit, but probably not noticeably so.  We chose to use includes rather than custom tag calls to do permission checks entirely due to the slight but existent improvement in speed they provide.

The Robertson Team,
1.559.360.1717 is a leader in ColdFusion web hosting and managed dedicated servers.