Hi all, I don't know if it's the right list to post to, but I have the following problem: I have several objects (documents, folders etc) that are accessible only by a certain user role, this objects are cataloged. Now if I query the catalog the brains of these objects are returned correctly, but to _all_ users that issue a query. That means, users that don't have the permission to "View" or "Access Content Information" can see the brains as well... I tried to filter the result set by converting the brains into real objects (brain.getObject) in an external method (I thought, this way I should be able to exclude unauthorized users by adding the "skip_unauthorized" to the dtml-in), but that doesn't work since there are "brains" that are actually NoBrainer instances...
Does anyone have an idea of how I could solve this problem? Actually I thought this kind of "information hiding" is supported by basic ZCatalog machinery, but now it looks like I'll have to hack a workaround... Any help greatly appreciated. Greetings, Igor _______________________________________________ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )