Ryan: I was working on the same issue earlier this week and was helped a great deal by Ray Camden. isUserInRole will treat what you pass it as a AND comparison, therefore if you pass G,U then the user must possess both roles. Note, what you pass is case-sensitive and there must be no spaces. So, if admins in your application are given all roles then isUserInRole("G") will allow all three of your hypothetical users access the CFC.
Hope that helps! -JSLucido -----Original Message----- From: Ryan Kime [mailto:[EMAIL PROTECTED] Sent: Thursday, August 14, 2003 11:44 AM To: CF-Talk Subject: Roles in CFMX I need help understanding ROLES in CFMX because I think the concept goes against my idea of roles-based security. I would think that if you assign a user one to many roles and then if a role is listed in a comma delimited list in the roles parameter on a CFC, the user can access it, but that's not how it goes in CFMX. Here's a quick rundown of my situation: we finished a major app, now two other groups want access to it and this requires limitations to certain areas and functions. When developing the original app we set everyone on the same role, so all CFCs have the role parameter set. Say for simplicity's sake, the three roles are G for guest, U for user, and A for Admin. Therefore.... Guests = "G" Users = "G,U" Admins = "G,U,A" On a CFC, if the role is "G" will the Users and Admins be able to use the CFC? What about a "G,U" restricted function, will Admins be able to access it? TIA, Ryan Kime <mailto:[EMAIL PROTECTED]> [EMAIL PROTECTED] Web Developer Webco Industries ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Archives: http://www.houseoffusion.com/lists.cfm?link=t:4 Subscription: http://www.houseoffusion.com/lists.cfm?link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4 This list and all House of Fusion resources hosted by CFHosting.com. The place for dependable ColdFusion Hosting. http://www.cfhosting.com