edu_group_security_check

one of the documented procedures in this installation of the ACS
Usage:
edu_group_security_check   db   group_type   { action "" }   { error_page "1" }
What it does:
This returns a list containing, in order, the user_id, the group_id, and the group_name. Group type should be something like edu_class or edu_department. This checks to see if the user is logged in as a member of any groups of the given group type.

If the user is logged in under the correct group type, it returns the above mentioned list. If the user is not logged in as a member of a group of the correct type then the user is automatically redirected to group_select.tcl.

If the user is logged in under the correct group_type then this checks to make sure that the user has permission to perform the passed in action. If the user does not have the correct permission, this calls edu_display_not_authorized_message and then forces the calling environment to return. the last argument error_page=1 means that if the user is unauthorized, redirect to an error page. if error_page=0 then return 0 for unauthorized user

Defined in: /web/philip/tcl/education.tcl

Source code:

 

    set user_id [ad_verify_and_get_user_id]

    if { [string compare $user_id "0"] == 0 } {
	ns_returnredirect "/register/index?return_url=[ns_urlencode [ns_conn url]?[ns_conn query]]"
	ad_script_abort
    }

    set group_id [ad_get_client_property education $group_type]

    if {![empty_string_p $group_id]} {
	# we want to get the group name and make sure that the id was the correct type
	set group_name [database_to_tcl_string_or_null $db "select group_name from user_groups where group_id = $group_id and group_type = '$group_type'"]
    }


    if {[empty_string_p $group_id] || [empty_string_p $group_name]} {
	ns_returnredirect "/education/util/group-select?group_type=$group_type&return_url=[ns_urlencode [ns_conn url]?[ns_conn query]]"
	ad_script_abort
    } else {
	if {![ad_permission_p $db "" "" $action $user_id $group_id]} {
	    if {$error_page} {
		edu_display_not_authorized_message
		ad_script_abort
	    } else {
		return 0
	    }
	} else {
	    return [list $user_id $group_id "$group_name"]
	}
    }


philg@mit.edu