edu_group_security_check db group_type { action " " } { error_page "1" }What it does:
This returns a list containing, in order, the user_id, the group_id, and the group_name. Group type should be something like edu_class or edu_department. This checks to see if the user is logged in as a member of any groups of the given group type.Defined in: /web/philip/tcl/education.tclIf the user is logged in under the correct group type, it returns the above mentioned list. If the user is not logged in as a member of a group of the correct type then the user is automatically redirected to group_select.tcl.
If the user is logged in under the correct group_type then this checks to make sure that the user has permission to perform the passed in action. If the user does not have the correct permission, this calls edu_display_not_authorized_message and then forces the calling environment to return. the last argument error_page=1 means that if the user is unauthorized, redirect to an error page. if error_page=0 then return 0 for unauthorized user
Source code:
set user_id [ad_verify_and_get_user_id] if { [string compare $user_id "0"] == 0 } { ns_returnredirect "/register/index?return_url=[ns_urlencode [ns_conn url]?[ns_conn query]]" ad_script_abort } set group_id [ad_get_client_property education $group_type] if {![empty_string_p $group_id]} { # we want to get the group name and make sure that the id was the correct type set group_name [database_to_tcl_string_or_null $db "select group_name from user_groups where group_id = $group_id and group_type = '$group_type'"] } if {[empty_string_p $group_id] || [empty_string_p $group_name]} { ns_returnredirect "/education/util/group-select?group_type=$group_type&return_url=[ns_urlencode [ns_conn url]?[ns_conn query]]" ad_script_abort } else { if {![ad_permission_p $db "" "" $action $user_id $group_id]} { if {$error_page} { edu_display_not_authorized_message ad_script_abort } else { return 0 } } else { return [list $user_id $group_id "$group_name"] } }