Commit 506d5315 authored by Ivan Tyagov's avatar Ivan Tyagov

Use restrictedTraverse which will perform security checks rather than getattr...

Use restrictedTraverse which will perform security checks rather than getattr which will raise Unauthorized if logged in user can't access portal_gadgets.

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@24658 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 209a5d68
...@@ -65,7 +65,7 @@ ...@@ -65,7 +65,7 @@
</div>\n </div>\n
<p class="clear" />\n <p class="clear" />\n
</div>\n </div>\n
<tal:block tal:condition="python: getattr(here,\'portal_gadgets\', None) is not None">\n <tal:block tal:condition="python: here.getPortalObject().restrictedTraverse(\'portal_gadgets\', None) is not None">\n
<link href="erp5_knowledge_box_top_newpage.css" rel="stylesheet" type="text/css" />\n <link href="erp5_knowledge_box_top_newpage.css" rel="stylesheet" type="text/css" />\n
<tal:block tal:condition="exists:here/ERP5Site_viewHomeAreaRenderer"\n <tal:block tal:condition="exists:here/ERP5Site_viewHomeAreaRenderer"\n
tal:replace="structure here/ERP5Site_viewHomeAreaRenderer" />\n tal:replace="structure here/ERP5Site_viewHomeAreaRenderer" />\n
......
629 631
\ No newline at end of file \ No newline at end of file
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment