Related #54
The table views display the URL link whether the user actually has the permission to access the attachment or not.
This pull request restrict the displayed objects according to the users's permissions so that there is no more information leak.
Thanks to @tibobo67