Misleading docs for isUserInAnyRole

This post is more than 2 years old.

I just helped someone out on the BACFUG list concerning a misleading doc page for isUserInAnyRole().

The docs mention that you can use the function to test and see if a user is in one of a list of roles, but it also implies you can use it to see if a user has any roles at all:

<cfif IsUserInAnyRole() > <cfoutput>Authenticated user is in these roles: #GetUserRoles()#</cfoutput> <cfelseif > <cfoutput>Authenticated user is in no roles</cfoutput> </cfif>

This code won't run as isUserInAnyRole must have at least one argument, which is a list of roles to check against the user. Here is an example showing correct usage. The output will be YES.

<cfloginuser name="ray" password="parishilton" roles="a,b">

<cfoutput>#isuserinanyrole("b,c")#</cfoutput>

I posted a comment to Livedocs, but I don't see it online yet.

Raymond Camden's Picture

About Raymond Camden

Raymond is a senior developer evangelist for Adobe. He focuses on document services, JavaScript, and enterprise cat demos. If you like this article, please consider visiting my Amazon Wishlist or donating via PayPal to show your support. You can even buy me a coffee!

Lafayette, LA https://www.raymondcamden.com

Archived Comments

Comment 1 by Brian Panulla posted on 4/2/2008 at 5:15 PM

I was just designing the security architecture for a new app and stumbled on the same problem! Luckily I remembered seeing this post earlier this week!

Comment 2 by Knumknutz posted on 2/28/2009 at 10:24 PM

Thanks; I am new to the whole application.cfc thingie and it's just making me frustrated but atleast I am learning from others sufferage and my own :)