[Zope] how to prevent URL access to an external method?
pedrolawrench at yahoo.com
Tue Apr 28 15:08:14 EDT 2009
Sorry, you are correct, I meant to say from restricted space. The external method is what gives me access to unrestricted python. I do plan on using Tres' method.
----- Original Message ----
From: Lennart Regebro <regebro at gmail.com>
To: Pedro LaWrench <pedrolawrench at yahoo.com>
Cc: Jaroslav Lukesh <lukesh at seznam.cz>; zope at zope.org; Tres Seaver <tseaver at palladion.com>
Sent: Tuesday, April 28, 2009 11:12:20 AM
Subject: Re: [Zope] how to prevent URL access to an external method?
On Tue, Apr 28, 2009 at 18:25, Pedro LaWrench <pedrolawrench at yahoo.com> wrote:
> What would you change on the security tab? I still want my authenticated users to have access to the method as a call to it is made from unrestricted space (such as a page template)
A page template is restricted. If it really was unrestricted it would
be called from Python code on the hard disk, and then you wouldn't
need the external method.
> I just don't want them to call the method directly.
So Tres method is the simplest one that does just this.
Lennart Regebro: Python, Zope, Plone, Grok
+33 661 58 14 64
More information about the Zope