cbSecurity
CommunitySlackSupport
v3.x
v3.x
  • 🔏Introduction
    • Release History
      • What's New With 3.4.0
      • What's New With 3.3.0
      • What's New With 3.2.0
      • What's New With 3.1.0
      • What's New With 3.0.0
    • Upgrade to 3.0.0
    • About This Book
      • Author
  • Getting Started
    • Installation
    • Overview
    • Configuration
      • 🔏Authentication
      • 🥸Basic Auth
      • 🙈CSRF
      • 🌐JWT
      • 🧱Firewall
        • DB Rules
        • JSON Rules
        • Model Rules
        • XML Rules
      • ☢️Security Headers
      • 🔬Visualizer
  • Usage
    • Authentication Services
    • Basic Authentication
    • Security Rules
    • Security Annotations
    • cbSecurity Model
      • Authentication Methods
      • Authorization Contexts
      • Blocking Methods
      • Securing Views
      • Utility Methods
      • Verification Methods
    • Secured URL
    • Interceptions
    • Cross Site Request Forgery
    • Delegates
    • Auth User
  • Security Validators
    • Auth Validator
    • BasicAuth Validator
    • CFML Security Validator
    • Custom Validator
  • JWT
    • JWT Services
    • JWT Validator
    • Refresh Tokens
    • Token Storage
    • JWT Interceptions
  • External links
    • Issue Tracker
    • Source code
    • Sponsor Us
Powered by GitBook
On this page

Was this helpful?

Edit on GitHub
Export as PDF
  1. Usage
  2. cbSecurity Model

Verification Methods

Verify permissions the fluent way!

If you just want to validate if a user has certain permissions or maybe no permissions at all or if a passed user is the same as the logged in user, then you can use the following boolean methods that only do verification.

Please note that you could potentially do these type of methods by leveraging the currently logged in user and it's hasPermission() method. However, these methods provide abstraction and can easily be mocked!

// Checks the user has one or at least one permission if the 
// permission is a list or array
boolean cbSecurity.has( permission );
// The user must have ALL the permissions
boolean cbSecurity.all( permission );
// The user must NOT have any of the permissions
boolean cbSecurity.none( permission );
// Verify if the passed in user is the same as the logged in user
boolean cbSecurity.sameUser( user );

These are great to have a unified and abstracted way to verifying permissions or if the passed user is the same as the logged in user. Here are some examples:

View Layer

<cfif cbsecure().has( "USER_ADMIN" )>
    This is only visible to user admins!
</cfif>

<cfif cbsecure().has( "SYSTEM_ADMIN" )>
    <a href="/user/impersonate/#prc.user.getId()#">Impersonate User</a>
</cfif>

<cfif cbsecure().sameUser( prc.user )>
    <i class="fa fa-star">This is You!</i>
</cfif>

Other Layers:

if( cbSecurity.has( "PERM" ) ){
    auditUser();
}

if( cbSecurity.sameUser( prc.incomingUser ) ){
    // you can change your gravatar
}

Please note that we do user equality by calling the getId() method of the authenticated user and the incoming user. This is part of our IAuthUser interface requirements.

PreviousUtility MethodsNextSecured URL

Last updated 2 years ago

Was this helpful?