| CFML Language Reference |
|
|
Chapter 2 : ColdFusion Functions |
|
| CFML Language Reference |
|
|
Chapter 2 : ColdFusion Functions |
|
Returns TRUE if the resource is protected in the security context of the authenticated user.
See also IsAuthorized.
IsProtected(resourcetype, resourcename [, action])
String specifying the type of resource:
String specifying the name of the resource. Resourcename is the actual resource that is protected, not to be confused with the rule name, which you specify in the ColdFusion Administrator. The value specified varies depending on the resource type:
| resourcetype specification | resourcenamespecification |
|---|---|
| APPLICATION | Application name |
| CFML | CFML tag name |
| FILE | File name |
| DATASOURCE | Data source name |
| COMPONENT | Component name |
| COLLECTION | Verity collection name |
| CUSTOMTAG | Custom tag name |
| USEROBJECT | Object name |
String specifying the action for which authorization is requested. Do not specify this parameter for COMPONENT and CUSTOMTAG. For all other resource types, this parameter is required.
| resourcetype specification | Possible ACTIONs |
|---|---|
| APPLICATION |
ALL USECLIENTVARIABLES |
| CFML | Valid actions for the tag specified by resourcename |
| FILE |
READ WRITE |
| DATASOURCE |
ALL CONNECT SELECT INSERT UPDATE DELETE SP (stored procedure) |
| COMPONENT | No actions for this resource type |
| COLLECTION |
DELETE OPTIMIZE PURGE SEARCH UPDATE |
| CUSTOMTAG | No actions for this resource type |
| USEROBJECT | Action specified via the ColdFusion Administrator |
The IsProtected function only returns true if the resource is protected by a rule in the security context or sandbox within which a request is being processed. An application may need to determine if a resource is protected and if the current user is authorized to use the resource. If a resource is not protected, then the IsAuthorized function returns true. In order to determine if a resource is explicitly protected with a rule, you must use the IsProtected function.
<!--- This example calls the IsProtected function. --->
...
<!--------------------------------------------------------------------
The following code checks to see if the Orders data source is protected.
If the data source is protected, the code then checks to see if the
current user is authorized to select information from the datasource.
---------------------------------------------------------------------->
<CFIF IsProtected("DATASOURCE", "Orders", "select")>
<CFIF IsAuthorized("DATASOURCE", "Orders", "select")>
<CFQUERY NAME="GetList" datasource="Orders">
SELECT * FROM Orders
</CFQUERY>
<CFOUTPUT QUERY="GetList">
Authorization Succeeded. Order information follows:
#Customer# - #BalanceDue#<BR>
</CFOUTPUT>
</CFIF>
</CFIF>
</BODY>
</HTML>
| Copyright © 1999, Allaire Corporation. All rights reserved. |
|