[Zope] how to prevent URL access to an external method?

Jaroslav Lukesh lukesh at seznam.cz
Tue Apr 28 11:07:07 EDT 2009

Click at the Proxy tab at method with "View" permission

----- Original Message ----- 
From: "Pedro LaWrench" <pedrolawrench at yahoo.com>

I need to do something on the filesystem, which requires unrestricted 
python, so I created an external method. The problem is that anyone can call 
that directly via URL, so I added a permission check. Even then, users with 
the sufficient permissions can call this via URL, which I don't want them to 
do. I only want them to have access indirectly from other pages (such as a 
page template that will pass sane parameters). Is there anyway to do this?

More information about the Zope mailing list