Use restrictedTraverse which will perform security checks rather than getattr...

Use restrictedTraverse which will perform security checks rather than getattr which will raise Unauthorized if logged in user can't access portal_gadgets. git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@24658 20353a03-c40f-0410-a6d1-a30d3c3de9de

Use restrictedTraverse which will perform security checks rather than getattr...
Use restrictedTraverse which will perform security checks rather than getattr which will raise Unauthorized if logged in user can't access portal_gadgets. git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@24658 20353a03-c40f-0410-a6d1-a30d3c3de9de
506d5315 · Ivan Tyagov · 209a5d68 · 506d5315 · 506d5315
Commit 506d5315 authored Nov 21, 2008 by Ivan Tyagov
2 changed files
--- a/product/ERP5/bootstrap/erp5_xhtml_style/SkinTemplateItem/portal_skins/erp5_access_tab/erp5_site_main_template.xml
+++ b/product/ERP5/bootstrap/erp5_xhtml_style/SkinTemplateItem/portal_skins/erp5_access_tab/erp5_site_main_template.xml
@@ -65,7 +65,7 @@
              </div>\n
                <p class="clear" />\n
              </div>\n
-              <tal:block tal:condition="python: getattr(here,\'portal_gadgets\', None) is not None">\n
+              <tal:block tal:condition="python: here.getPortalObject().restrictedTraverse(\'portal_gadgets\', None) is not None">\n
                  <link href="erp5_knowledge_box_top_newpage.css" rel="stylesheet" type="text/css" />\n
                  <tal:block tal:condition="exists:here/ERP5Site_viewHomeAreaRenderer"\n
                            tal:replace="structure here/ERP5Site_viewHomeAreaRenderer" />\n

--- a/product/ERP5/bootstrap/erp5_xhtml_style/bt/revision
+++ b/product/ERP5/bootstrap/erp5_xhtml_style/bt/revision
-629
\ No newline at end of file
+631
\ No newline at end of file