I have a query called "rsUserRights" that returns user rights, such as:
UserID | Entity | Right
-----------------------
1 Note Create
1 Note Edit
1 Note Delete
This means that UserID '1' can create, edit or delete a Note object.
All I want to do is store these permissions in the SESSION array so that web applications know all the time what rights registered users have. Therefore, when a user looks at a Note object in my application, depending on what rights he has, the correct Create, Edit or Delete option will be available.
The application must know to which object the user has the right, and then what is the right. Some users may not be entitled to read-only. How to save this Entity-Right key-value pair in a ColdFusion structure?
All I have managed to do so far is:
<cfset SESSION.Auth.UserRights = StructNew()>
<cfloop query="rsUserRights">
<cfset SESSION.Auth.UserRights.#rsUserRights.Entity#>
<cfset SESSION.Auth.UserRights.#rsUserRights.Entity#.#rsUserRights.Right#>
</cfloop>
Will the work be higher? Then using structkeyexits to find value pairs? The problem that I see is that I can get the loaded load of SESSION variables, since the user can have hundreds of rights to hundreds of objects / objects. Consequently, it will create hundreds of SESSION variables and crash my server?
FIRST CONSECUTIVE DECISION
<cfset SESSION.Auth.UserRights = StructNew()>
<cfloop query="rsUserRights">
<cfset SESSION.Auth.UserRights[rsUserRights.Entity][rsUserRights.Right] = StructNew()>
</cfloop>
Then on my CFM pages I test for the presence of SESSION.Auth.UserRights.Note AND SESSION.UserRights.Note.Create, for example
This is normal?
source
share