From 41a623145fbde8b5bcf2998722ef0f523db55f61 Mon Sep 17 00:00:00 2001
From: helmutm <helmutm@fd906abe-77d9-0310-91a1-e0d9ade77398>
Date: Wed, 1 Jul 2009 13:20:57 +0000
Subject: [PATCH] no security check on accessing the nodeType attribute during
 traversal

git-svn-id: svn://svn.cy55.de/Zope3/src/loops/trunk@3439 fd906abe-77d9-0310-91a1-e0d9ade77398
---
 browser/node.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/browser/node.py b/browser/node.py
index b1b3b27..5a139ad 100644
--- a/browser/node.py
+++ b/browser/node.py
@@ -788,8 +788,9 @@ class NodeTraverser(ItemTraverser):
     def publishTraverse(self, request, name):
         viewAnnotations = request.annotations.setdefault('loops.view', {})
         viewAnnotations['node'] = self.context
-        if removeSecurityProxy(self.context).nodeType == 'menu':
-            setViewConfiguration(self.context, request)
+        context = removeSecurityProxy(self.context)
+        if context.nodeType == 'menu':
+            setViewConfiguration(context, request)
         if name == '.loops':
             return self.context.getLoopsRoot()
         if name.startswith('.target'):