ad_require_permission

one of the documented procedures in this installation of the ACS
Usage:
ad_require_permission   db   user_id   permission_type   on_what_id   on_which_table   { return_url "" }
What it does:
If the user is not logged in and the specified type of permission has not been granted to all users, then redirect for registration. If the user is logged in but does not have the specified permission type on the specified database row, then redirects to return_url if supplied, or returns a "forbidden" error page.
Defined in: /web/philip/tcl/ad-general-permissions.tcl

Source code:



    if { [string compare $user_id 0] == 0 } {
	set all_users_have_permission_p [database_to_tcl_string $db "select
 decode(ad_general_permissions.all_users_permission_id('$permission_type', '$on_what_id', '$on_which_table'), 0, 0, 1)
from dual"]

	if { !$all_users_have_permission_p  } {
	    ns_db releasehandle $db
	    ad_redirect_for_registration
	    ad_script_abort
	}

    } elseif {
	![ad_user_has_row_permission_p $db $user_id  $permission_type $on_what_id $on_which_table]
    } {
	ns_db releasehandle $db

	if { ![empty_string_p $return_url] } {
	    ad_returnredirect $return_url
	} else {
	    ns_returnforbidden
	}

	ad_script_abort
    }


philg@mit.edu