Quoting Casey Duncan <casey@zope.com>:
After a closer look, it would seem that nearly all of the 'Unauthorized' string exceptions have been replaced with a bonified exception object. So that is probably why it doesn't work.
You could try importing this class in the python script using::
from zExeptions import Unauthorized
and catch exceptions of this class. I have a feeling this import is not possible fom a python script however (though it probably should be). So that leaves you little choice but to either use a bare except, or write the code in an external method or other trusted code module.
Thanks for the hint. I ended up with something pretty simple; I already had an AllowExports product, so I added this to the bottom of its __init__.py: # This is needed to circumvent stupidness and paranoia ModuleSecurityInfo('AccessControl').declarePublic('Unauthorized') In my menu item listing script, I now have this: from AccessControl import Unauthorized # ... try: menu_order = sibling.getProperty('menu_order', None) is_folderish = sibling.isPrincipiaFolderish except Unauthorized: continue