[Zope] how to prevent URL access to an external method?

Pedro LaWrench pedrolawrench at yahoo.com
Tue Apr 28 11:23:06 EDT 2009

I don't know what this means.  BTW, I'm using Zope 2.9.8, if that matters, along with Plone 2.5.4.

From: Andreas Jung <lists at zopyx.com>
To: Pedro LaWrench <pedrolawrench at yahoo.com>
Cc: zope at zope.org
Sent: Tuesday, April 28, 2009 8:09:14 AM
Subject: Re: [Zope] how to prevent URL access to an external method?

Use a BrowserView?!


On Tue, Apr 28, 2009 at 17:04, Pedro LaWrench <pedrolawrench at yahoo.com> wrote:

I need to do something on the filesystem, which requires unrestricted python, so I created an external method. The problem is that anyone can call that directly via URL, so I added a permission check. Even then, users with the sufficient permissions can call this via URL, which I don't want them to do. I only want them to have access indirectly from other pages (such as a page template that will pass sane parameters). Is there anyway to do this?

Zope maillist  -  Zope at zope.org
**   No cross posts or HTML encoding!  **
(Related lists -
 http://mail.zope.org/mailman/listinfo/zope-dev )

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.zope.org/pipermail/zope/attachments/20090428/66887993/attachment.html 

More information about the Zope mailing list