Difference between revisions of "Privileged Module Configuration"

From ADF Docs
Jump to: navigation, search
(Overview)
(Add a CommonSpot User Group)
 
(19 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
==Overview==
 
==Overview==
To allow scripts that use the ADF's CE Record API or the CommonSpot's Custom Data API to add or update data in Global Custom Elements or Simple Form Elements by users with limited or anonymous (read-only) access add a couple of lines of code to your script and register your script as a CommonSpot Privilege Module.
+
To enable scripts using the ADF's CE Record API or CommonSpot's Custom Data API to add or update data in custom data elements for users with limited or anonymous (read-only) access, simply add a few lines of code to your script and register it as a CommonSpot Privilege Module.
  
 
=== Add the Enab/Disable Privileges to Your Script ===
 
=== Add the Enab/Disable Privileges to Your Script ===
Line 16: Line 16:
 
  </cfscript>
 
  </cfscript>
  
Note: These enable/disable 'Request' lines of code are required in the script file that is registered as the 'Privileded Module'. However, they can wrap the API call being made from nested files cfmodule, cfinclude and/or a function in a component object file.
+
Include these additional enable/disable 'Request' lines of code in the CFML script file registered as the 'Privileged Module.' However, they can wrap the API call being made from inside a nested cfmodule, cfinclude, or a function within an invoked component.
  
 
  IMPORTANT: In most cases, it is recommended to add the enableApprovedPrivileges call to an isolated CFM file that only performs actions for the desired permission level. Alternatively, it can be added to a CFC file if the component does not contain any functions that should be restricted to higher-access users.
 
  IMPORTANT: In most cases, it is recommended to add the enableApprovedPrivileges call to an isolated CFM file that only performs actions for the desired permission level. Alternatively, it can be added to a CFC file if the component does not contain any functions that should be restricted to higher-access users.
Line 23: Line 23:
 
# Go to your CommonSpot Group Administration
 
# Go to your CommonSpot Group Administration
 
# Create a Group with Add Data and/or Edit Data permissions
 
# Create a Group with Add Data and/or Edit Data permissions
## No user or group needs to be added to this Privileged Module group.
+
## No user or groups need to be added to this Privileged Module group.
  
  Note: The user requesting to add or update data will be added to and then removed from the group after the call is made on the fly.
+
  Note: The user requesting to add or update data will be added to the group after the call it will be removed from the group on the fly.
 +
 
 +
<!-- [[File:add-sec-group.png]]-->
 +
<!--
 +
[[Image:/adf-docs/images/static/privmod/add-sec-group.pngadd-sec-group.png]]
 +
[[File:/adf-docs/images/static/privmod/add-sec-group.pngadd-sec-group.png]]
 +
-->
 +
<!--
 +
<img alt="" src="/adf-docs/images/static/privmod/add-sec-group.pngadd-sec-group.png" width="200" height="157" class="thumbimage">
 +
[[File:add-sec-group.pngadd-sec-group.png|static/privmod|200px]]
 +
[[Image:add-sec-group.pngadd-sec-group.png|static/privmod|200px]]
 +
[https://community.paperthin.com/adf-docs/images/static/privmod/add-sec-group.png]
 +
[[Image:/adf-docs/images/static/privmod/add-sec-group.pngadd-sec-group.png]]
 +
[[Image:/adf-docs/images/static/privmod/add-sec-group.pngadd-sec-group.png]]
 +
-->
  
 
=== Update the Custom Element Security ===
 
=== Update the Custom Element Security ===
Line 49: Line 63:
  
 
=== Test your API call ===
 
=== Test your API call ===
Now attempt to add data as a user with limited or if applicable anonymous permissions.
+
Now attempt to add data as a user with limited or if applicable as an anonymous user.

Latest revision as of 18:19, 7 February 2025

Overview

To enable scripts using the ADF's CE Record API or CommonSpot's Custom Data API to add or update data in custom data elements for users with limited or anonymous (read-only) access, simply add a few lines of code to your script and register it as a CommonSpot Privilege Module.

Add the Enab/Disable Privileges to Your Script

  1. In your script that makes the call the ADF’s ceRecordAPI add a Request.User.enableApprovedPrivileges(Request); line before the call.
  2. Then add a Request.User.disableApprovedPrivileges(); after the add/update call.
<cfscript>
   // Enable addRecord() function to run for users with lower or anonymous permissions
   Request.User.enableApprovedPrivileges(Request);

   result = Application.ADF.gceRecord.addRecord(ceName=ceName,dataValues=dataValues);	
	
   // Reset the user's permissions
   Request.User.disableApprovedPrivileges();
</cfscript>

Include these additional enable/disable 'Request' lines of code in the CFML script file registered as the 'Privileged Module.' However, they can wrap the API call being made from inside a nested cfmodule, cfinclude, or a function within an invoked component. 

IMPORTANT: In most cases, it is recommended to add the enableApprovedPrivileges call to an isolated CFM file that only performs actions for the desired permission level. Alternatively, it can be added to a CFC file if the component does not contain any functions that should be restricted to higher-access users.

Add a CommonSpot User Group

  1. Go to your CommonSpot Group Administration
  2. Create a Group with Add Data and/or Edit Data permissions
    1. No user or groups need to be added to this Privileged Module group.
Note: The user requesting to add or update data will be added to the group after the call it will be removed from the group on the fly.


Update the Custom Element Security

  1. Go to Site Admin > Elements & Forms > Manage Elements
  2. When the Manage Element dialog opens, find your Custom Element.
  3. From the ‘Edit Element Properties’ (pencil icon) drop down, select the ‘Security…’ menu item
  4. Add the Group you just created in the previous step to the Custom Element Security
  5. From the next dialog add the appropriate select the ‘Add Data’ and/or ‘Edit Data’ permissions:
    1. If the user is allowed to:
      1. add data to this Custom Element, select the ‘Add Data’ permissions.
      2. update data in this Custom Element, select the ‘Edit Data’ permissions.
      3. perform both actions 'add' and 'update', then select both ‘Add Data’ and ‘Edit Data’ permissions.
  6. Click Save
  7. Click Close

Register the Privileged Module

  1. Go to Site Admin > Security > Privileged Modules
  2. When the 'Privileged Modules' dialog opens, click the 'Add New' button
  3. When the 'Add Privileged Module' dialog opens, select your file or enter an explicit path for the 'Module Path'
  4. Then add the Group you created in the 'Add a CommonSpot User Group' as the Group Name
  5. Click Save


Test your API call

Now attempt to add data as a user with limited or if applicable as an anonymous user.

Retrieved from "http://community.paperthin.com/adf-docs/index.php?title=Privileged_Module_Configuration&oldid=8427"