|Notify me of new responses|
If I want to check whether a user has permission to perform an
operation, I use ad_permission_p. It seems the only way I can use
this procedure with my groups is be specifying the group_id in the
funtion call. For example, if I want to check if the current user is
in my Publisher group, I use:
ad_permission_p $db "" "" "" "" 21
Using a "magic number" like this bothers me. To find out what this
code does one must look in the user_groups table, or rely on
a comment in the code. However, since group_name is not unique in the
user_groups table, I see no way around this.
Does anyone know of a better way?
-- Michael Harder, October 25, 1999
You could try making a proc that returns the group number, or make a proc that returns the group number after querying the database. Look at how the Administrator procs in the permissions module takes "module" and "submodule" for examples.
-- Jesse Koontz, October 27, 1999
You should make these group have a group_type of administration.
If your group_type is of type administration, you get around this problem. Each of these groups is labeled with a module and possibly a submodule. You then call ad_permission_p with the module/submodule label instead of the group_id.
-- Tracy Adams, November 14, 1999