Hello!
If I set an event to be like - function somesecureaction(event,rc,prc) secured{}
I end up following the request to cbAuthValidator function -
struct function annotationValidator( required securedValue, required controller ){
return validateSecurity( arguments.securedValue );
}
which then calls -
private function validateSecurity( required permissions ){
This has code as follows -
if ( variables.cbauth.isLoggedIn() ) {
// Do we have any permissions?
if ( listLen( arguments.permissions ) ) {
results.allow = variables.cbauth.getUser().hasPermission( arguments.permissions );
results.type = “authorization”;
} else {
// We are satisfied!
results.allow = true;
}
}
This fails presently as the permission being checked is boolean true. I suppose I can edit the user object being called to check for boolean true before trying as a list but wondering if the above should be changed directly in cbAuthValidator.cfc to something like -
if ( !IsBoolean( arguments.permissions ) && listLen( arguments.permissions ) ) {
or something. Still seems odd but I guess it’d never be false but rather either true or a list of permissions.
??
Thank you!