im_bboard_restrict_access_to_group argsWhat it does:
BBoard security hack Restricts access to a bboard if it has a group_id set for the specified topic_id or msg_idDefined in: /web/philip/tcl/intranet-defs.tcl
Source code:
if { ![im_enabled_p] || ![ad_parameter EnableIntranetBBoardSecurityFiltersP intranet 0] } { # no need to check anything in this case! return filter_ok } set form [ns_getform] if { [empty_string_p $form] } { # The form is empty - presumably we're not accessing any # bboard topic or message! return filter_ok } # 3 ways to identify a message - see if we have any of them! set topic_id [ns_set get $form topic_id] set msg_id [ns_set get $form msg_id] set refers_to [ns_set get $form refers_to] if { ![regexp {^[0-9]+$} $topic_id] } { # topic_id is not an integer set topic_id "" } if { [empty_string_p $topic_id] && [empty_string_p $msg_id] && [empty_string_p $refers_to] } { # Don't have a msg_id or topic_id or refers_to - can't do anything... # Grant access by default return filter_ok } set db [ns_db gethandle subquery] if { [empty_string_p $topic_id] } { # Get the topic id from whatever identifier we have if { [empty_string_p $msg_id] } { set msg_id $refers_to } set topic_id [database_to_tcl_string $db "select topic_id from bboard where msg_id='[DoubleApos $msg_id]'"] } set user_id [ad_get_user_id] set has_access_p 0 if { $user_id > 0 } { set has_access_p [database_to_tcl_string $db "select decode(count(1),0,0,1) from bboard_topics t where t.topic_id = '$topic_id' and (t.group_id is null or ad_group_member_p($user_id, t.group_id) = 't')"] if { $has_access_p == 0 } { # Check if this is an intranet authorized user - they # get to see everything! set has_access_p [im_user_is_authorized_p $db $user_id] } } elseif {$user_id == 0} { # the user isnt loged in set has_access_p [database_to_tcl_string $db "select decode(count(1),0,0,1) from bboard_topics t where t.topic_id = '$topic_id' and t.group_id is null"] } ns_db releasehandle $db if { $has_access_p } { return filter_ok } ad_return_error "Access denied" "This section of the bboard is restricted. You must either be a member of the group who owns this topic or an authorized user of the [ad_parameter SystemName] intranet. You can <a href=/register/index.tcl?return_url=[ad_urlencode [ad_partner_url_with_query]]>login</a> as someone else if you like." return filter_return