We have a site which uses custom AT content-types, some of which contain ReferenceFields. When a published object links to an object in the private workflow state, the referencing object triggers a login prompt when being viewed by anonymous users or users without view permissions on the private referenced objects. Ideally, this would function like other places in Plone, where private objects are essentially invisible to users who don't have view permissions on them. What's the best practices way to implement such behaviour?
I've been trying variations on this, but I'm not sure if I'm on the right track:
projects = 
for obj in relations:
if obj is not None and checkPermission('zope2.View', obj):
If your site is all Archetypes and views to pages with this kind of reference are frequent, this may be a case where I think you benefit from bypassing Referenceable.getRefs() and going directly to reference_catalog and portal_catalog to:
(a) Get all target UIDs from reference_catalog brains for the searched reference;
(b) Query against those UIDs in portal_catalog, where CatalogTool.searchResults() automagically (via allowedRolesAndUsers index) filters by whether target is visible.
Then you are not waking up the target objects, on site where the BTree buckets used for most of reference_catalog and portal_catalog are likely to be otherwise warmed. I could be wrong, but I suspect this would be a performance win.
Thanks Sean. That's exactly what I was looking for. I revised my BrowserView to return a list of UIDs and fed those into portal_catalog.searchResults() and it worked very smoothly.
The permission name here is 'View'. You are using the permission names mapped through ZCML instead of the canonical Zope permission names.