[CMF-checkins] CVS: Products/CMF - PortalFolder.py:1.22

andrew@cvs.baymountain.com andrew@cvs.baymountain.com
Thu, 19 Jul 2001 12:18:28 -0400


Update of /cvs-repository/Products/CMFCore
In directory cvs.baymountain.com:/tmp/cvs-serv25455/CMFCore

Modified Files:
	PortalFolder.py 
Log Message:

*modifed PortalFolder to handle permission's filtering -- i.e.
it duplicates what skip_unauthorized is doing in
DocumentTemplate/DT_IN.py


[debug - name:Products/CMF, repo:Products/CMFCore, fn:PortalFolder.py
====== Updated Products/CMF/PortalFolder.py, 1.21 => 1.22 ======
     security.declareProtected( ListFolderContents
                              , 'listFolderContents' )
-    def listFolderContents( self, spec=None, filter=None ): # XXX
+    def listFolderContents( self, spec=None, contentFilter=None ): # XXX
         """
             Hook around 'contentValues' to let 'folder_contents'
-            be protected.
+            be protected.  Duplicating skip_unauthorized behavior of dtml-in.
         """
-        return self.contentValues( filter=filter )
+        items = self.contentValues(filter=contentFilter)
+        l = []
+        for obj in items:
+            id = obj.getId()
+            v = obj
+            try: 
+                if getSecurityManager().validate(self, self, id, v):
+                    l.append(obj)
+            except "Unauthorized":
+                pass
+        return l
+
 
     security.declarePublic('contentItems')
     def contentItems( self, spec=None, filter=None ):