[Zope-dev] Method available from Python scripts only

[Gilles Lenfant]

Hi,

I'm facing a problem, and perhaps I haven't got enough security
enlightenment to close it.

I made a Foo class with a *public* "bar" method
(security.declarePublic("bar"))

But I want this method to be available only from python scripts or
expressions in DTML/TAL (with no proxy rule), but forbidden through URLs.

To be clearer, if myfoo is a Foo object :

* myfoo.bar() is granted to anonymous users

* http://mysite.com/.../myfoo/bar is restricted

Any hint to do this ?

Thanks in advance

--Gilles