I don't know if it's the right list to post to, but I have the following
I have several objects (documents, folders etc) that are accessible only
by a certain user role, this objects are cataloged. Now if I query the
catalog the brains of these objects are returned correctly, but to _all_
users that issue a query. That means, users that don't have the permission
to "View" or "Access Content Information" can see the brains as well...
I tried to filter the result set by converting the brains into real
objects (brain.getObject) in an external method (I thought, this way I
should be able to exclude unauthorized users by adding the
"skip_unauthorized" to the dtml-in), but that doesn't work
since there are "brains" that are actually NoBrainer instances...
Does anyone have an idea of how I could solve this problem?
Actually I thought this kind of "information hiding" is supported by basic
ZCatalog machinery, but now it looks like I'll have to hack a
Any help greatly appreciated.
Zope-Dev maillist - [EMAIL PROTECTED]
** No cross posts or HTML encoding! **
(Related lists -