15 Jul
2003
15 Jul
'03
10:37 p.m.
Something like this is usually done automatically.
The CMF uses the index "AllowedRolesAndUsers". It indexes the roles and users that may view the object.
When you perform a query, the query is automatically extended with an "and" that the current users roles or user name must match the "AllowedRolesAndUsers".
That's right, but it doesn't take "Access contents information" of folders into account. So you may be able to view a document, but you aren't allowed to access it, because the folder containing the document does not allow it. This should be covered by allowedRolesAndUsers, but it isn't acually....i have a patch somewhere, but no access to it right now....=| Greetings, Marian