In a product I'm making, privileged and unprivileged users can query a ZCatalog that indexes both restricted and unrestricted objects. So I'd like to filter out restricted objects from catalog returns for the unprivileged users. Here's what I tried: 1. Give objects an extra property at creation time that indicates the crucial permission (role: Anonymous, permission: View). Doesn't work because the objects are nested, and have to acquire permissions from their parents. 2. Somehow get SecurityCheckPermission to loop over the 'real' objects and block rendering of the corresponding result object. Something like this: <dtml-in expr="TheCatalog({'meta_type':'TheObject'})"> <dtml-if expr="_.SecurityCheckPermission( 'View', object"> <dtml-var title> </dtml-if> </dtml-in> This should work if only I could get anything out of the record object that allows me to reliably acquire the 'real' object. I.e. I don't know how to fill in the "object" in the code above. Most promising is running the getPath() method on the result object, but I haven't managed to coerce its result into something SecurityCheckPermission can work with. 3. Following Juri Pakaste's blog post <http://www.helsinki.fi/~pakaste/blog/ugly_zope_hacks.html>, I realised that even testing permissions on remote objects needed the 'View' permission, so I tried something like this: <dtml-in expr="TheCatalog({'meta_type':'TheObject'})"> <dtml-try> <dtml-call "_.int(getPath)"> <dtml-var title> </dtml-try> </dtml-in> Same problem: how do I get anything in that <dtml-try> block to access the actual object? <dtml-call "_.int(getPath)"> and (very, very) numerous variations don't work. The site is Zope 2.5.1, the Zcatalog is indexed automagically. -- Wilbert Kraan Web Journalist Centre For Educational Technology Interoperability Standards (CETIS) +44 (0)1248 383645 web: http://www.cetis.ac.uk newsfeed: http://www.cetis.ac.uk/news.xml