Menu and permissions

[duncan1 (sent by Nabble.com)]

Hello, yet another new user of farcry. I have a question about the menu and
permissions. I am trying to create a site which has areas which require
login to view. I have modified the login.cfm to enable users to login from
the website. I then selected an area of the website I wanted to restrict
and removed the "view" permissions from the anonymous user.

Currently as an anonymous user this menu item still appears, but returns the
login screen when clicked on. Does anybody know a way of hiding these menu
items from a user who doesn't have sufficient permissions rather than
returning the login screen when the menu item is selected?
--
View this message in context: http://www.nabble.com/Menu-and-permissions-t1407423c621.html#a3789743
Sent from the FarCry - Dev forum at Nabble.com.

[Jeff Coughlin]

Duncan,

> Does anybody know a way of hiding these menu items from a user who doesn't

> have sufficient permissions rather than returning the login screen when
> the menu item is selected?

One option is that you can wrap the link in a <cfif/> block.

Example: If logged in, try dumping the following...
<cfdump var="#session.dmSec.authentication#" />

If you're not logged into FarCry, the sub structure "authentication" will
not exist. Thus you could do something like the following:

<cfif structKeyExists(session.dmSec, 'authentication')>Yes I'm logged in.
Display link here<cfelse>No I'm not logged in.</cfif>

If, however, you wanted to get more granular with security (like checking
for a specific role) I suggest looking at one (or more) of the fields found
within the "authentication" sub structure (use the <cfdump/> above for
reference).

Hope this helps get you in the right direction :)

Jeff Coughlin
Web Application Developer
http://www.jeffcoughlin.com

[duncan1 (sent by Nabble.com)]

Hi Jeff,

Thanks for your reply. Unfortunately I needed to make it a little more
flexible so have had to look at the permissions on the nav node. I have got
it to work by modifying the generic nav by using the following code:

<!---
check security,...
remember security is applied through the tree navigation point *not*
the individual object being rendered.
lpolicyGroupIds="#application.dmsec.ldefaultpolicygroups#"
the latter is the policy group for anonymous...
--->
<!--- determine the policy groups (or roles) this user belongs to --->
<cfif isDefined("session.dmsec.authentication.lPolicyGroupIDs") and
listLen(session.dmsec.authentication.lPolicyGroupIDs)>
<!--- concatenate logged in group permissions with anonymous group
permissions --->
<cfset lpolicyGroupIds = session.dmsec.authentication.lPolicyGroupIDs & ","
& application.dmsec.ldefaultpolicygroups>

<cfelse>
<!--- user not logged in, assume anonymous permissions --->
<cfset lpolicyGroupIds = application.dmsec.ldefaultpolicygroups>
</cfif>

<cfscript>
// initialise counters
currentlevel=0; // nLevel counter
ul=0; // nested list counter

oAuthorisation = request.dmsec.oAuthorisation;
oAuthentication = request.dmsec.oAuthentication;


// build menu [bb: this relies on nLevels, starting from nLevel 2]
for(i=1; i lt incrementvalue(qNav.recordcount); i=i+1)
{
iHasViewPermission =
oAuthorisation.checkInheritedPermission(objectid=qNav.objectid[i],permissionName="View",lpolicyGroupIds=lpolicyGroupIds);
if (iHasViewPermission EQ 1)
{
//then do the usual menu output
}

This works, but my problem now is hiding menu options which are shown to non
logged in users but have a "logged in" version as well. Any suggestions?

I was thinking of maybe having 2 html pages under a nav node, one the
non-logged in and the 2nd the logged-in version. Then simply evaluating if
they are logged in, and if they are returning the 2nd Html page rather than
the 1st. Do you think this would work?

Cheers,Duncan

--
View this message in context: http://www.nabble.com/Menu-and-permissions-t1407423c621.html#a3801239