chas wrote:
At 08:49 PM 04/08/2000 +0100, you wrote:
chas <panda@skinnyhippo.com> writes:
Is there no way to protect the DTML method so that it cannot be accessed directly from instances of this ZClass ? [...] I don't want people to be able to call : http://Zope_server/MyInstance/content
But we would like other DTML documents/methods such as http://Zope_server/MyInstance/index_html to be able to access the contents using "<dtml-var content>"
Dunno of this would work for you.. haven't tried it. Perhaps create a folder in your ZClass, define permissions limits on it, create methods inside that. Then when you want to be using content etc, just do <dtml-with foldername>.
Thanks John, I'd also already attempted that one too but, you know, even the folders can not have the "view" permission disabled within a class.
You need to create a Permission object in the ZClass that defines how you want to protect attributes of that class. You can map that permission to an existing permission if you want. -Michel