There is a list called $blacklistedSpaces it is set statically in xwikivars.vm http://svn.xwiki.org/svnroot/xwiki/platform/web/trunk/standard/src/main/weba... Spaces on this list will not be shown in the table and I think the same is true for the tree. You could add a $xwiki.searchDocuments("where doc.name=?", ["WebHome"]) and test each of the names in the output list with $xcontext.hasAccessLevel("view"... To dynamically compile a list of spaces which should be blacklisted. Keep in mind this will incur a performance penalty since this code is executed per page load. You could also just add the space names which you wish to hide. Also keep in mind that this is not a real security fix because a user is allowed to list document names using $searchDocuments("where 1=1") but it will avoid showing the documents to users who are not concerned with them. Caleb Ben Stuggler wrote:
Hi,
I have a "security" problem in the document tree. People who doesn't have access to a specific space shouldn't even see his name in the tree results.
I'm looking for the parameter which has to be modify to solve this problem but unfortunetely, it's very hard to find it. Can somebody help me? => there is a condition to had a link in the space name to see documents inside, I think it's here that I have to modify something but I can't find this code...
Thanks
Regards
Ben