Sorry, you are correct, I meant to say from restricted space. The external method is what gives me access to unrestricted python. I do plan on using Tres' method. ----- Original Message ---- From: Lennart Regebro <regebro@gmail.com> To: Pedro LaWrench <pedrolawrench@yahoo.com> Cc: Jaroslav Lukesh <lukesh@seznam.cz>; zope@zope.org; Tres Seaver <tseaver@palladion.com> Sent: Tuesday, April 28, 2009 11:12:20 AM Subject: Re: [Zope] how to prevent URL access to an external method? On Tue, Apr 28, 2009 at 18:25, Pedro LaWrench <pedrolawrench@yahoo.com> wrote:
What would you change on the security tab? I still want my authenticated users to have access to the method as a call to it is made from unrestricted space (such as a page template)
A page template is restricted. If it really was unrestricted it would be called from Python code on the hard disk, and then you wouldn't need the external method.
I just don't want them to call the method directly.
So Tres method is the simplest one that does just this. -- Lennart Regebro: Python, Zope, Plone, Grok http://regebro.wordpress.com/ +33 661 58 14 64