check view permission when listing menu items
git-svn-id: svn://svn.cy55.de/Zope3/src/loops/trunk@2946 fd906abe-77d9-0310-91a1-e0d9ade77398
This commit is contained in:
helmutm
parent
4d05fa9ab3
commit
b282159a8e
1 changed files with 3 additions and 0 deletions
3
view.py
3
view.py
|
|
@ -33,6 +33,7 @@ from zope.interface import implements
|
|||
from zope.interface import alsoProvides, directlyProvides, directlyProvidedBy
|
||||
from zope.publisher.browser import applySkin
|
||||
from zope import schema
|
||||
from zope.security import canAccess
|
||||
from zope.security.proxy import removeSecurityProxy
|
||||
from zope.traversing.api import getName, getParent
|
||||
from persistent import Persistent
|
||||
|
|
@ -147,6 +148,8 @@ class Node(View, OrderedContainer):
|
|||
|
||||
def getChildNodes(self, nodeTypes=None):
|
||||
for item in self.values():
|
||||
if not canAccess(item, 'title'):
|
||||
continue
|
||||
if INode.providedBy(item) \
|
||||
and (not nodeTypes or item.nodeType in nodeTypes):
|
||||
yield item
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue