0

The title may be a bit non-descriptive, so let me explain what I want to do.

I have a lot of JavaScript functions that I want to be able to "give access to" based on a user's permissions to do certain things on my system. As an example:

I have a JS function to add an employee: 

function doNewEmployee() {
    var x;
    var objTemp=new Object();
    var myElements = new Array ("username","password1", "password2", "emp_type",
 "name", "surname", "personal_contact", "work_contact", "location_dd",
 "home_address", "access_level", "id_num");
    for (x=0;x<myElements.length;x++){
        objTemp[''+myElements[x]+'']=document.getElementById(myElements[x]).value;
    }
    asyncProxy.addNewEmployee(objTemp);
}

This sends all the parameters through AJAX to my PHP

Now, what I want to be able to do is check whether the user has permissions to execute this function and only include it in the final JS file sent client-side if this is true.

Is this possible? I was thinking about just creating a load of if statements, echoing out the javascript functions in the index.php file, but this would entail having all my JS inline, which isn't what I want.

I guess at the end of the day I want a dynamically built JS file?

Any help would be greatly appreciated!

iLikeBreakfast
  • 1,545
  • 23
  • 46
  • *I guess at the end of the day I want a dynamically built JS file* — Looks like you do! – bfavaretto May 11 '13 at 20:57
  • you could also just dynamically echo in is includes based on user login. – Orangepill May 11 '13 at 21:12
  • 1
    If the problem is that you don't know how to generate a js file dynamically, take a look here: [How can I generate Dynamic Javascript?](http://stackoverflow.com/questions/531311/how-can-i-generate-dynamic-javascript). – bfavaretto May 11 '13 at 21:16
  • Please, also note that you should **not** rely on "not including the functions" for security. It is very easy to bypass this security meassur, so server-side checks must be in place as well. – gkalpak May 12 '13 at 12:17

0 Answers0