I have a standard user/role setup which returns the current user's roles in a list. I then use the permissions="" attribute and the preFuseaction phase to check whether this user is authorised to access this fuseaction. This allows some blocks of a page to be displayed and some supressed for different users.
I cannot do the same thing at a more granular level, i.e. to supress the display of links in a sidebar to users who don't have permission. Say:
<ul>
<li><a href="#xfa.mainmenu#>Main Menu</a></li>
<li><a href="#xfa.adminmenu#>Admin Menu</a></li>
</ul>
The admin menu should only be available to those users with the 'admin' role. If a normal user clicks on this link, they don't get anywhere, because when the fuseaction is actually run, it kicks them out. I would rather that the link wasn't there in the first place.
This can be done by hardcoding the roles into the .cfm files, so:
<ul>
<li><a href="#xfa.mainmenu#>Main Menu</a></li>
<cfif checkRole('admin') EQ TRUE><li><a href="#xfa.adminmenu#>Admin Menu</a></li></cfif>
</ul>
but it would be a little more elegant if the permissions defined in circuit.xml could be looked up instead and passed to checkRole() (possibly by passing the xfa?) instead of a static value. Is this possible with the structures Fusebox creates?