pnSecAuthAction

authorise attempted action

Synopsis

bool pnSecAuthAction(realm, component, instance, level, uid(opt));

Description

pnSecAuthAction() checks against the authorisation information held within the PostNuke system to decide if a particular level of authorisation can be allowed.

Parameters

realm

The realm that this authorisation is taking place in; currently always 0

component

The component for which this authorisation is taking place

instance

The instance for which this authorisation is taking place

level

The level of access which this authorisation requires to be allowed

uid

The uid of the user to check for authorisation

Return Values

This function returns true if the level of authorisation granted to the user for the given arguments is greater than or equal to the required level, false if the level of authorisation granted to the user for the given arguments is less than the required level. This function returns void if an exception was raised.

Exceptions

This function raises DATABASE_ERROR if an error occurs while querying data.

Notes

A full description of the PostNuke authorisation system is beyond the scope of this document. For more in formation on the authorisation system and its use of realms, components, and instances, please refer to the PostNuke Authorisation System documentation.

This function was previously known as authorised(). That name is deprecated but still functional in this version of the PostNuke API; it is recommended that any calls that are currently made to authorised() are changed to pnSecAuthAction().

Examples

// See if use is authorised to access 'foo' module admin functions
if (pnSecAuthAction(0,
                    'Foo::',
                    'My Foo:Foos of the world:4',
                    ACCESS_ADMIN)) {
  // Yes
} else {
  // No
}