On Fri, 30 Apr 2004, Chris McDonough wrote:
On Fri, 2004-04-30 at 21:31, Dennis Allison wrote:
I'm still thinking a path based access permissions approach ought to work provided the access controls are hard to disable and provided the number of legal access paths is relatively small.
I have no idea what this means, sorry. ;-)
Neither do I )-: I think I was confused and therefore confusing. Let me try to explain again. I am trying to control the publishability (that is, visibility) of objects A, B, and so forth. Object A has a URL /z/y/x/A and is legally referenced only from URLs /p/d/q/R and /p/d/n/S and then only in some (computed) circumstances. For our purposes let's assume that references from R and S can be guaranteed legal. All other reference are to be disallowed, even if the user holds the appropriate Zope permissions. The question is how to implement this functionality in Zope.