faq_authorize

one of the documented procedures in this installation of the ACS
Usage:
faq_authorize   db   faq_id
What it does:
given faq_id, this procedure will check whether the user can the right to see this faq. if faq doesn't exist page is served to the user informing him that the page doesn't exist. if successfule it will return user_id of the administrator.
Defined in: /web/philip/tcl/faq-defs.tcl

Source code:


    set selection [ns_db 0or1row $db "
    select faq_id, scope, group_id
    from faqs
    where faq_id=$faq_id"]
    
    if { [empty_string_p $selection] } {
	# faq doesn't exist
	uplevel {
	    ns_return 200 text/html "
	    [ad_scope_header "FAQ Doesn't Exist" $db]
	    [ad_scope_page_title "FAQ Doesn't Exist" $db]
	    [ad_scope_context_bar [list index.tcl?[export_url_scope_vars]  "FAQs"] "No FAQ"]
	    <hr>
	    <blockquote>
	    Requested FAQ does not exist.
	    </blockquote>
	    [ad_scope_footer]
	    "
	}
	ad_script_abort
    }
    
    # faq exists
    set_variables_after_query
    
    switch $scope {
	public {
	    set id 0
	}
	group {
	    set id $group_id
	}
    }
    
    set authorization_status [ad_scope_authorization_status $db $scope all group_member none $id]
    
    set user_id [ad_verify_and_get_user_id]

    switch $authorization_status {
	authorized {
	    return $user_id
	}
	not_authorized {
	    ad_return_warning "Not authorized" "You are not authorized to see this page"
	    ad_script_abort
	}
	reg_required {
	    ad_redirect_for_registration
	    ad_script_abort
	}
    }


philg@mit.edu