Index: openacs-4/packages/forums-portlet/www/forums-portlet.tcl =================================================================== RCS file: /usr/local/cvsroot/openacs-4/packages/forums-portlet/www/forums-portlet.tcl,v diff -u -r1.22.2.1 -r1.22.2.2 --- openacs-4/packages/forums-portlet/www/forums-portlet.tcl 18 Mar 2019 14:35:17 -0000 1.22.2.1 +++ openacs-4/packages/forums-portlet/www/forums-portlet.tcl 12 Jul 2019 15:39:08 -0000 1.22.2.2 @@ -22,7 +22,15 @@ # get the parameter from forums-portlet to set the new-graphic correspondingly set package_id [apm_package_id_from_key [forums_portlet::my_package_key]] set default_new_period [parameter::get -package_id $package_id -parameter DefaultPeriodNewGraphic -default 2] - +# +# TODO +# +# As long as the forum is still accesible directly via URL, this is mostly +# useless, as the whole 'privacy control' is ignored there. +# +# Question is, if we want to enforce such policy there, or we can just remove +# this permission check altogether. +# if { [acs_privacy::privacy_control_enabled_p] } { set private_data_restriction {and acs_permission.permission_p(forums_forums.package_id, :user_id, 'read_private_data')} } else {