Difference between revisions of "Privileged Module Configuration"

Revision as of 17:46, 7 February 2025

Overview

To enable scripts using the ADF's CE Record API or CommonSpot's Custom Data API to add or update data in custom data elements for users with limited or anonymous (read-only) access, simply add a few lines of code to your script and register it as a CommonSpot Privilege Module.

Add the Enab/Disable Privileges to Your Script

1. In your script that makes the call the ADF’s ceRecordAPI add a Request.User.enableApprovedPrivileges(Request); line before the call.
2. Then add a Request.User.disableApprovedPrivileges(); after the add/update call.

<cfscript>
   // Enable addRecord() function to run for users with lower or anonymous permissions
   Request.User.enableApprovedPrivileges(Request);

   result = Application.ADF.gceRecord.addRecord(ceName=ceName,dataValues=dataValues);	
	
   // Reset the user's permissions
   Request.User.disableApprovedPrivileges();
</cfscript>

Include these additional enable/disable 'Request' lines of code in the CFML script file registered as the 'Privileged Module.' However, they can wrap the API call being made from inside a nested cfmodule, cfinclude, or a function within an invoked component.

IMPORTANT: In most cases, it is recommended to add the enableApprovedPrivileges call to an isolated CFM file that only performs actions for the desired permission level. Alternatively, it can be added to a CFC file if the component does not contain any functions that should be restricted to higher-access users.

Add a CommonSpot User Group

1. Go to your CommonSpot Group Administration
2. Create a Group with Add Data and/or Edit Data permissions
   1. No user or group needs to be added to this Privileged Module group.

Note: The user requesting to add or update data will be added to the group after the call it will be removed from the group on the fly.

File:/adf-docs/images/static/privmod/add-sec-group.pngadd-sec-group.png File:/adf-docs/images/static/privmod/add-sec-group.pngadd-sec-group.png

Update the Custom Element Security

1. Go to Site Admin > Elements & Forms > Manage Elements
2. When the Manage Element dialog opens, find your Custom Element.
3. From the ‘Edit Element Properties’ (pencil icon) drop down, select the ‘Security…’ menu item
4. Add the Group you just created in the previous step to the Custom Element Security
5. From the next dialog add the appropriate select the ‘Add Data’ and/or ‘Edit Data’ permissions:
   1. If the user is allowed to:
      1. add data to this Custom Element, select the ‘Add Data’ permissions.
      2. update data in this Custom Element, select the ‘Edit Data’ permissions.
      3. perform both actions 'add' and 'update', then select both ‘Add Data’ and ‘Edit Data’ permissions.
6. Click Save
7. Click Close

Register the Privileged Module

1. Go to Site Admin > Security > Privileged Modules
2. When the 'Privileged Modules' dialog opens, click the 'Add New' button
3. When the 'Add Privileged Module' dialog opens, select your file or enter an explicit path for the 'Module Path'
4. Then add the Group you created in the 'Add a CommonSpot User Group' as the Group Name
5. Click Save

Test your API call

Now attempt to add data as a user with limited or if applicable as an anonymous user.