  1. eZ Publish / Platform
  2. EZP-26542

Create button allows user to create unallowed content


Details

    Description

      In the eZ Platform Admin interface, the CREATE button in the right sidebar won't consider the user permissions, showing all the existing content types and allowing the user to start the creation of new content objects of classes he should not be able to create.

      Steps to reproduce

      • Create a new Test role with the following policies:

        Module    Function   Limitation
        user      login      No limitations
        content   read       No limitations
        content   create     Class( 16 ), Subtree( /1/2/112/ )

      • Create a new Test user group and assign the Test role to it.
      • Create a new usr_test user in the Test user group.
      • Log in with usr_test
      • Open anywhere outside the /1/2/112/ subtree and click on the create button
      • From here, if you try to save, publish or preview the draft you will fall into the EZP-26543 issue.

      First, since you don't have permissions to create anything in your location, the CREATE button should be disabled just like the Move button.

      Second, clicking the CREATE button shouldn't let you choose classes you don't have access to.
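
The behaviour requested above, sketched as an added example (not code from the report or from eZ Platform): the Test role's policies are evaluated against the location where content would be created. The data shapes and function names are hypothetical; the sketch assumes that limitations inside one policy must all match and that any one matching policy is enough.

```javascript
// Added illustration; data shapes and function names are hypothetical,
// not eZ Platform APIs. Policies mirror the Test role from the report.
const testRolePolicies = [
  { module: 'user', fn: 'login', limitations: {} },
  { module: 'content', fn: 'read', limitations: {} },
  { module: 'content', fn: 'create',
    limitations: { Class: [16], Subtree: ['/1/2/112/'] } },
];

// True when the location path lies inside one of the allowed subtrees.
// Both sides are normalised to end in "/" so that "/1/2/1123/" is not
// mistaken for a descendant of "/1/2/112/".
function inSubtree(pathString, subtrees) {
  const norm = (p) => (p.endsWith('/') ? p : p + '/');
  return subtrees.some((s) => norm(pathString).startsWith(norm(s)));
}

// Content type ids the user may create under parentPathString.
// Assumption: limitations within a policy are ANDed, policies are ORed.
function creatableContentTypes(policies, parentPathString, allTypeIds) {
  const allowed = new Set();
  for (const p of policies) {
    if (p.module !== 'content' || p.fn !== 'create') continue;
    const { Class, Subtree } = p.limitations;
    if (Subtree && !inSubtree(parentPathString, Subtree)) continue;
    for (const id of allTypeIds) {
      if (!Class || Class.includes(id)) allowed.add(id);
    }
  }
  return [...allowed].sort((a, b) => a - b);
}

// State of the CREATE button: disabled when nothing can be created here,
// otherwise the chooser lists only the permitted content types.
function createButtonState(policies, parentPathString, allTypeIds) {
  const types = creatableContentTypes(policies, parentPathString, allTypeIds);
  return { disabled: types.length === 0, types };
}

// Constructed sample: content type ids 1, 2 and 16 exist in the repository.
const allTypes = [1, 2, 16];
console.log(createButtonState(testRolePolicies, '/1/2/', allTypes));
console.log(createButtonState(testRolePolicies, '/1/2/112/115/', allTypes));
```

Filtering the chooser this way only fixes what the interface offers; the repository still has to enforce the same policy when a draft is created or published.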


          People

            Unassigned Unassigned
            eduardo.fernandes-obsolete@ez.no Eduardo Fernandes (Inactive)