ColdBox Security Module
Search…
v2.x
Introduction
Intro
Release History
About This Book
Author
Getting Started
Installation
Overview
Configuration
Usage
Authentication Services
Security Rules
Security Annotations
Secured URL
Interceptions
cbSecurity Model
secure() Blocking Methods
Verification Methods
Authorization Contexts
Securing Views
Cross Site Request Forgery
Security Validators
CBAuth Validator
CFML Security Validator
Custom Validator
JWT
JWT Services
JWT Validator
Refresh Tokens
Token Storage
JWT Interceptions
External links
Source code
Issue Tracker
cbauth
cbcsrf
JWT CFML
Powered By GitBook
Authorization Contexts
There are also times where you need to validate custom conditions and block access to certain areas. This way, you can implement your own custom security logic and leverage cbSecurity for blockage. You will accomplish this via the secureWhen() method:
1
secureWhen( context, [errorMessage] )
Copied!
The context can be a closure/lambda/udf or a boolean evaluation:
1
// Using as a closure/lambda
2
cbSecurity.secureWhen( ( user ) => !user.isConfirmed() )
3
cbSecurity.secureWhen( ( user ) => !oEntry.canPublish( user ) )
4
​
5
// Using a boolean evaluation
6
cbSecurity.secureWhen( cbSecurity.none( "AUTHOR_ADMIN" ) && !cbSecurity.sameUser( oAuthor ) )
7
cbSecurity.whenNone( "AUTHOR_ADMIN", ( user ) => relocate() );
Copied!
The closure/udf will receive the currently authenticated user as the first argument.
1
( user ) => {}
2
function( user );
Copied!
Previous
Verification Methods
Next
Securing Views
Last modified 2yr ago
Copy link
Edit on GitHub