ACL isn't being respected on IndexMenu2 (TreeNew)

[eduardomozart]

Hello, When using the IndexMenu2 (TreeNew), it isn't respecting the ACL restrictions and still shows unaccessible items on sidebar, as can be seen below.

The ACL doesn't allows the user to access the "3cx", "ad", "airwave", "apache", "cacti", "central", "conceitos" and "db" ns's are being shown. When expanding them, they shows the subdirectory structure only (it's not possible to click or enter on them) - the pages itself respect the ACL and aren't being shown.

The "Aruba ClearPass", "Aruba Instant AP" and "Aruba Mobility" namespaces, the user has access to and they show the namespaces and page files as expected, but inside "Aruba ClearPass", the user has no access to "labguide" subns but it's directory structure are still shown similar to the ns's cited above.

Here's how the ACL is set to "Aruba ClearPass" ns and the other ones (set to the group that this user belongs - the user belongs to "@lettel" and "@user" groups):

*   @user   0
sidebar @ALL    0
start   @user   1
arubavmc    @lettel 1
arubavmc:*  @lettel 1
zabbix  @lettel 1
zabbix:*    @lettel 1
arubavmc:labguide   @lettel 0
arubavmc:labguide:* @lettel 0
iap:*   @lettel 1
iap @lettel 1
clearpass:* @lettel 1
clearpass:labguide  @lettel 0
clearpass:labguide:*    @lettel 0
formalms:*  @lettel 1
formalms    @lettel 1
pfsense:*   @lettel 1
pfsense @lettel 1
sidebar @lettel 1
clearpass   @lettel 1

[eduardomozart]

After applying the PR #310 the IndexMenu TreeNew is shown as expected:

[Klap-in]

The fix is now in the latest step that prepares the data that must be outputted for the treenew. I'm surprised that $data array in makeNodes contains entries that doesn't respect ACL. The step before that actually generates that $data array should already check this... Unfortunately, I have now no time to check in detail.