diff --git a/product/ERP5/Extensions/Grep.py b/product/ERP5/Extensions/Grep.py index ac48072a301314afd270d735ea1bd1e42e6cd538..4b022f363204c265b84f6e0d36b137a959cc08be 100644 --- a/product/ERP5/Extensions/Grep.py +++ b/product/ERP5/Extensions/Grep.py @@ -1,6 +1,9 @@ import re import cgi from Acquisition import aq_base +from AccessControl import Unauthorized +from Products.CMFCore.utils import _checkPermission +from Products.ERP5Type import Permissions try: from Products import ExternalEditor @@ -32,6 +35,8 @@ def traverse(ob, r, result, command_line_arguments): break def grep(self, pattern, A=0, B=0, r=1, i=0): + if not _checkPermission(Permissions.ManagePortal, self): + raise Unauthorized(self) command_line_arguments = {} # emulate grep command line args command_line_arguments['A'] = int(A) command_line_arguments['B'] = int(B)