coldbox-security-authorization
OfficialProtect ColdBox apps with role-based access.
AuthorColdBox
Version1.0.0
Installs0
System Documentation
What problem does it solve?
This Skill helps developers define and enforce authorization rules in ColdBox applications so that only properly authorized users can access events, URLs, handler actions, and sensitive views.
Core Features & Use Cases
- Defines cbsecurity rules for event-based and URL-based protection using secure lists, whitelists, and regex matching.
- Demonstrates role and permission checks in handlers with cbsecurity.has, cbsecurity.all, cbsecurity.can, and cbsecurity.block to handle unauthorized access.
- Shows handler-level annotations with @secured for protecting entire handlers or specific actions, and resource-owner checks for edit/delete flows.
- Covers firewall configuration, default actions (redirect or block), status codes for APIs, and view-level UI gating for conditional rendering.
- Use Case: Protect admin routes, secure API endpoints, and implement resource-based authorization to ensure users can only edit their own records.
Quick Start
Secure the users.edit handler by requiring the admin role and configuring unauthorized requests to redirect to /login.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: coldbox-security-authorization Download link: https://github.com/ColdBox/skills/archive/main.zip#coldbox-security-authorization Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.