IsProtected

Description

Returns TRUE if a resource is protected in an authenticated user's security context.

Syntax


IsProtected(resourcetype, resourcename [, action])

Parameters

Parameter

Description

resourcetype
String that specifies the type of resource:

Application

CFML

File

DataSource

Component

Collection

CustomTag

UserObject

resourcename
String that specifies the name of the resource. The value depends on the resource type:

Application name

CFML tag name

File name

Data source name

Component name

Verity collection name

Custom tag name

Object name

Resourcename is the resource that is protected, not to be confused with the rule name, which you specify in the ColdFusion Administrator.

action
String that specifies the action for which authorization is requested. Required for all resource types except Component and CustomTag.

Parameter	Description
resourcetype	String that specifies the type of resource: Application CFML File DataSource Component Collection CustomTag UserObject
resourcename	String that specifies the name of the resource. The value depends on the resource type: Application name CFML tag name File name Data source name Component name Verity collection name Custom tag name Object name Resourcename is the resource that is protected, not to be confused with the rule name, which you specify in the ColdFusion Administrator.
action	String that specifies the action for which authorization is requested. Required for all resource types except Component and CustomTag.

Action types

The following table shows the actions associated with each resource type:.


resourcetype	Actions
APPLICATION	ALL USECLIENTVARIABLES
CFML	Valid actions for the tag specified by resourcename
FILE	READ WRITE
DATASOURCE	ALL CONNECT SELECT INSERT UPDATE DELETE SP (stored procedure)
COMPONENT	No actions for this resource type
COLLECTION	DELETE OPTIMIZE PURGE SEARCH UPDATE
CUSTOMTAG	No actions for this resource type
USEROBJECT	Action specified in the ColdFusion Administrator

Usage

IsProtected returns true if the resource is protected by a rule in the security context or sandbox within which a request is processed. An application may have to determine whether a resource is protected and if the current user is authorized to use it. If a resource is not protected, IsAuthorized returns true. To determine whether a resource is explicitly protected with a rule, you must use IsProtected.

Example

<!--- This example calls the IsProtected function. --->

...

<!-------------------------------------------------------------------- 

The following code checks whether the Orders data source is protected.

If the data source is protected, the code then checks whether the

current user is authorized to select information from the datasource.

---------------------------------------------------------------------->

<cfif IsProtected("DATASOURCE", "Orders", "select")>

  <cfif IsAuthorized("DATASOURCE", "Orders", "select")>

    <cfquery name = "GetList" datasource = "Orders">

          SELECT *  FROM Orders

      </cfquery>

      <cfoutput QUERY = "GetList">

          Authorization Succeeded. Order information follows:

          #Customer# - #BalanceDue#<BR>

      </cfoutput>

  </cfif>

</cfif>



</body>

</html>