View comments | RSS feed
CFML Reference Previous Up One Level Next
ColdFusion Functions


IsUserInRole

Description

Determines whether an authenticated user belongs to the specified Role.

Return value

True, if the authenticated user, belongs to the specified Role; False, otherwise.

Category

Authentication functions, Decision functions

Syntax 

IsUserInRole("role_name")

See also

GetAuthUser

History

New in ColdFusion MX: This function is new.

Parameters

Parameter Description
role_name
 Name of a security role

Example 

<cfif isUserInRole("Admin") > 
  <cfoutput>Authenticated user is an administrator</cfoutput> 
<cfelse isUserInRole("User") > 
  <cfoutput>Authenticated user is a user</cfoutput> 
</cfif>
Previous Up Next

ColdFusion 9 | ColdFusion 8 | ColdFusion MX 7 | ColdFusion MX 6.1 | ColdFusion MX | Forums | Developer Center | Bug Reporting

Version 6

Comments are no longer accepted for ColdFusion MX. ColdFusion 8 is the current version.

Comments


carehart@systemanage said on Sep 16, 2002 at 4:09 AM :
This page should indicate that the role_name is case-sensitive. If someone is in the role "Sales", they will not match a test of IsUserInRole("sales").

Furthermore, it should mention that the role_name can be a list of roles, as in IsUserInRole("Sales,Managers"). It should explain then that this will only be true if the person belongs to both roles. The order is not significant, nor does it matter if the person belongs to these and more.

Finally, it should be clarified that if using lists of roles (whether here or when "assigning" roles in the CFLOGINUSER ROLES attribute), these lists like all ColdFusion lists must not contain spaces for separators. In other words, the test above would not be the same as IsUserInRole("Sales, Managers"). The space before managers would effectively look for someone with the specific role " Managers" (space before managers), which is likely unexepected.
benson_nc said on Oct 31, 2002 at 5:16 PM :
Carehart has clearly stated information that has solved my particular problem, and information that I have been unable to find anywhere else. Thank you!
i_netmaster said on Jan 23, 2003 at 6:46 AM :
Veeery good this function. I knew it now, and I've used in the same time in one of my application.
But at the firt time I had some problems with case-sensitive, that is not mentioned in the documentation
Tekes Stavros said on Feb 19, 2004 at 12:34 AM :
Carehart indeed did a very good job. I was looking for this information all over the place.
I believe that MM should consider revising this function. It would be much more usefull if it returned true when the user belongs to any of the groups provided in role_name (assuming role_name is a list of roles) and not when the person belongs to all roles
stevieo said on Apr 26, 2004 at 10:53 PM :
Carehart is correct, however I would like to provide a clarification as I missunderstood the comments, and lost some time here. (It might be obvious to some, but wasn't to me).

If you want an individual user to have multiple roles you assign them like this:

<cfloginuser name="#username#"
password="#password#"
roles="add,edit,read">

Then when authenticating the user you can check for any of these roles using this function such as:

<cfif IsUserInRole("add")>
....
</cfif>

I think the point Carehart was making is if you attempt to do this you will receive a false:

<cfif IsUserInRole("add,delete")>
....
</cfif>

Even though the above user has the "add" role they need both the "add" and "delete" role for this function to return true.

BTW - this would return true:

<cfif IsUserInRole("read,add")>
....
</cfif>

 

RSS feed | Send me an e-mail when comments are added to this page | Comment Report

Current page: http://livedocs.adobe.com/coldfusion/6/CFML_Reference/functions-pt1142.htm