XML Rules
If you have already an XML file with your rules, then all you need to do is add the path (relative or absolute) to that file in the rules configuration key. However, the path MUST include the keyword XML in it.
config/Coldbox.cfc
1
moduleSettings = {
2
// CB Security
3
cbSecurity : {
4
"rules" : "config/security.xml.cfm"
5
};
Copied!
Then your xml file can look like this:
config/security.xml.cfm
1
<?xml version="1.0" encoding="ISO-8859-1"?>
2
<-- <
3
Declare as many rule elements as you want, order is important
4
Remember that the securelist can contain a list of regular
5
expressions if you want
6
7
ex: All events in the user handler
8
user\..*
9
ex: All events
10
.*
11
ex: All events that start with admin
12
^admin
13
14
If you are not using regular expressions, just write the text
15
that can be found in an event.
16
-->
17
<rules>
18
<rule>
19
<match>event</match>
20
<whitelist>user\.login,user\.logout,^main.*</whitelist>
21
<securelist>^user\..*, ^admin</securelist>
22
<roles>admin</roles>
23
<permissions>read,write</permissions>
24
<redirect>user.login</redirect>
25
</rule>
26
27
<rule>
28
<match>event</match>
29
<whitelist></whitelist>
30
<securelist>^moderator</securelist>
31
<roles>admin,moderator</roles>
32
<permissions>read</permissions>
33
<redirect>user.login</redirect>
34
</rule>
35
36
<rule>
37
<match>url</match>
38
<whitelist></whitelist>
39
<securelist>/secured.*</securelist>
40
<roles>admin,paid_subscriber</roles>
41
<permissions></permissions>
42
<redirect>user.pay</redirect>
43
</rule>
44
</rules>
Copied!
Copy link
Edit on GitHub