[ZDP] BackTalk to Document The Zope Book (2.6 Edition)/Users and
Security
webmaster at zope.org
webmaster at zope.org
Fri May 14 19:08:55 EDT 2004
A comment to the paragraph below was recently added via http://zope.org/Documentation/Books/ZopeBook/2_6Edition/Security.stx#3-118
---------------
Sometimes Zope's system of limiting access to executable objects
isn't exactly what you want. Sometimes you may wish to clamp
down security on an executable object despite its ownership as a
form of extra security. Other times you may want to provide an
executable object with extra access to allow an unprivileged
viewer to perform protected actions. *Proxy roles* provide you
with a way to tailor the roles of an executable object.
% Anonymous User - May 14, 2004 7:08 pm:
what happens if a page template calls a python-script that is usually not accessible with the rights assigned
to the template? for example, the script needs manager-permissions and the page-template only
authenticated-permissions. usually I would try to give the template a proxy-role but... that's not possible..
what can I do?
More information about the ZDP
mailing list