From 0612728d9b35816e9a347b9d0f747d90541e461f Mon Sep 17 00:00:00 2001
From: helmutm <helmutm@fd906abe-77d9-0310-91a1-e0d9ade77398>
Date: Thu, 29 Jan 2009 10:16:17 +0000
Subject: [PATCH] work in progress: more flexible permission checks

git-svn-id: svn://svn.cy55.de/Zope3/src/loops/trunk@3193 fd906abe-77d9-0310-91a1-e0d9ade77398
---
 browser/common.py | 7 +++++--
 browser/node.py   | 4 +++-
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/browser/common.py b/browser/common.py
index 50001b1..4dcb465 100644
--- a/browser/common.py
+++ b/browser/common.py
@@ -116,11 +116,14 @@ class BaseView(GenericView, I18NView):
         # TODO: get rid of removeSecurityProxy() call - not yet...
         self.context = removeSecurityProxy(context)
         try:
-            if not canAccessObject(context):
-                raise Unauthorized('%r: title' % (context))
+            if not self.checkPermissions():
+                raise Unauthorized('%r: title' % (self.context))
         except ForbiddenAttribute:  # ignore when testing
             pass
 
+    def checkPermissions(self):
+        return canAccessObject(self.context)
+
     @Lazy
     def conceptMacros(self):
         return concept_macros.macros
diff --git a/browser/node.py b/browser/node.py
index 09c7d50..c767fba 100644
--- a/browser/node.py
+++ b/browser/node.py
@@ -106,7 +106,9 @@ class NodeView(BaseView):
                     subMacros=[i18n_macros.macros['language_switch']])
         cm.register('portlet_left', 'navigation', title='Navigation',
                     subMacro=node_macros.macros['menu'])
-        if canWrite(self.context, 'title'):
+        if canWrite(self.context, 'title') or (
+                self.virtualTargetObject is not None and
+                    canWrite(self.virtualTargetObject, 'title')):
             #cm.register('portlet_right', 'clipboard', title='Clipboard',
             #            subMacro=self.template.macros['clipboard'])
             # this belongs to loops.organize