notifications-security-procs.tcl

Notifications Security Library Manage permissions for notifications.

Location:
packages/notifications/tcl/notifications-security-procs.tcl
Created:
2002-05-27
Author:
Ben Adida
CVS Identification:
$Id: notifications-security-procs.tcl,v 1.9.2.3 2024/08/28 06:34:03 gustafn Exp $

Procedures in this file

Detailed information

notification::security::can_admin_request_p (public)

 notification::security::can_admin_request_p [ -user_id user_id ] \
    -request_id request_id

Checks if a user can manage a given notification request.

Switches:
-user_id (optional)
-request_id (required)
Returns:
boolean value

Partial Call Graph (max 5 caller/called nodes):
%3 notification::security::require_admin_request notification::security::require_admin_request (public) notification::security::can_admin_request_p notification::security::can_admin_request_p notification::security::require_admin_request->notification::security::can_admin_request_p acs_user::site_wide_admin_p acs_user::site_wide_admin_p (public) notification::security::can_admin_request_p->acs_user::site_wide_admin_p ad_conn ad_conn (public) notification::security::can_admin_request_p->ad_conn db_0or1row db_0or1row (public) notification::security::can_admin_request_p->db_0or1row

Testcases:
No testcase defined.

notification::security::can_notify_object_p (public)

 notification::security::can_notify_object_p [ -user_id user_id ] \
    -object_id object_id

This checks if a user can request notification on a given object.

Switches:
-user_id (optional)
-object_id (required)
Returns:
boolean value

Partial Call Graph (max 5 caller/called nodes):
%3 notification::security::require_notify_object notification::security::require_notify_object (public) notification::security::can_notify_object_p notification::security::can_notify_object_p notification::security::require_notify_object->notification::security::can_notify_object_p permission::permission_p permission::permission_p (public) notification::security::can_notify_object_p->permission::permission_p

Testcases:
No testcase defined.

notification::security::can_notify_user (public)

 notification::security::can_notify_user -user_id user_id \
    [ -delivery_method_id delivery_method_id ]

Can a user be notified for a given delivery method. This proc can be expanded to deal with cases when we don't want to send a notification. For instance we could check email_bouncing_p or if a user is on vacation. Right now it just makes sure its an approved user.

Switches:
-user_id (required)
-delivery_method_id (optional)
Returns:
boolean value

Partial Call Graph (max 5 caller/called nodes):
%3 notification::delivery::send notification::delivery::send (public) notification::security::can_notify_user notification::security::can_notify_user notification::delivery::send->notification::security::can_notify_user acs_user::get_user_info acs_user::get_user_info (public) notification::security::can_notify_user->acs_user::get_user_info

Testcases:
No testcase defined.

notification::security::require_admin_request (public)

 notification::security::require_admin_request [ -user_id user_id ] \
    -request_id request_id

Require the ability to admin a request. The function raised potentially a script_abort exception, when the user is not logged in.

Switches:
-user_id (optional)
-request_id (required)
Returns:
boolean value expressing if the user can issued an admin request
See Also:

Partial Call Graph (max 5 caller/called nodes):
%3 packages/notifications/www/request-delete.tcl packages/notifications/ www/request-delete.tcl notification::security::require_admin_request notification::security::require_admin_request packages/notifications/www/request-delete.tcl->notification::security::require_admin_request packages/notifications/www/unsubscribe.tcl packages/notifications/ www/unsubscribe.tcl packages/notifications/www/unsubscribe.tcl->notification::security::require_admin_request auth::require_login auth::require_login (public) notification::security::require_admin_request->auth::require_login notification::security::can_admin_request_p notification::security::can_admin_request_p (public) notification::security::require_admin_request->notification::security::can_admin_request_p

Testcases:
No testcase defined.

notification::security::require_notify_object (public)

 notification::security::require_notify_object [ -user_id user_id ] \
    -object_id object_id

Require the ability to notify on an object. The function raised potentially a script_abort exception, when the user is not logged in.

Switches:
-user_id (optional)
-object_id (required)
Returns:
boolean value expressing if we can notify the user

Partial Call Graph (max 5 caller/called nodes):
%3 auth::require_login auth::require_login (public) notification::security::can_notify_object_p notification::security::can_notify_object_p (public) notification::security::require_notify_object notification::security::require_notify_object notification::security::require_notify_object->auth::require_login notification::security::require_notify_object->notification::security::can_notify_object_p

Testcases:
No testcase defined.
[ hide source ] | [ make this the default ]

Content File Source

ad_library {

    Notifications Security Library

    Manage permissions for notifications.

    @creation-date 2002-05-27
    @author Ben Adida <ben@openforce.biz>
    @cvs-id $Id: notifications-security-procs.tcl,v 1.9.2.3 2024/08/28 06:34:03 gustafn Exp $

}

namespace eval notification::security {

    d_proc -public can_notify_user {
        {-user_id:required}
        {-delivery_method_id ""}
    } {
        Can a user be notified for a given delivery method.

        This proc can be expanded to deal with cases when we don't want to
        send a notification.  For instance we could check email_bouncing_p
        or if a user is on vacation. Right now it just makes sure its an
        approved user.

        @param user_id
        @param delivery_method_id
        @return boolean value
    } {
        return [expr {[acs_user::get_user_info -user_id $user_id -element member_state] eq "approved"}]
    }

    d_proc -public can_notify_object_p {
        {-user_id ""}
        {-object_id:required}
    } {
        This checks if a user can request notification on a given object.

        @param user_id
        @param object_id
        @return boolean value
    } {
        return [permission::permission_p -party_id $user_id -object_id $object_id -privilege "read"]
    }

    d_proc -public require_notify_object {
        {-user_id ""}
        {-object_id:required}
    } {

        Require the ability to notify on an object.  The function
        raised potentially a script_abort exception, when the user is
        not logged in.

        @param user_id
        @param object_id
        @return boolean value expressing if we can notify the user
    } {
        # require user to be logged in
        auth::require_login
        return [can_notify_object_p -user_id $user_id -object_id $object_id]
    }

    d_proc -public can_admin_request_p {
        {-user_id ""}
        {-request_id:required}
    } {
        Checks if a user can manage a given notification request.

        @param user_id
        @param request_id
        @return boolean value
    } {
        # owner of notification or side-wide admin
        set allowed 0
        if {$user_id eq ""} {
            set user_id [ad_conn user_id]
        }
        if {[acs_user::site_wide_admin_p -user_id $user_id]} {
            set allowed 1
        } else {
            set allowed [db_0or1row check_owner {
                select 1 from notification_requests
                where request_id = :request_id
                  and user_id = :user_id
            }]
        }
        return $allowed
    }

    d_proc -public require_admin_request {
        {-user_id ""}
        {-request_id:required}
    } {
        Require the ability to admin a request. The function
        raised potentially a script_abort exception, when the user is
        not logged in.

        @param user_id
        @param request_id
        @return boolean value expressing if the user can issued an admin request

        @see permission::require_permission
    } {
        # require user to be logged in
        auth::require_login
        return [can_admin_request_p -user_id $user_id -request_id $request_id]
    }
}

# Local variables:
#    mode: tcl
#    tcl-indent-level: 4
#    indent-tabs-mode: nil
# End: