Vladimir Petrovic wrote at 2005-10-6 17:44 +0300:
... restricting Web Publishing in specific folders ... I know this can be done by restricting View/Access Contents information privileges for folders/scripts to the specific role and then giving DTML methods proxy role. But, is there any other easier methods ?
There may be several alternative options: * an "AccessRule" Two potential problems: - they can be deactivated by the incomming request (but you can comment out the deactivating code) - authentication has not yet taken place; the user identity is not yet known * a "Post-Authentication-Hook" I think (but I am not sure) that Zope 2.8 has implemented them. If not, my Zope page contains a patch (for older Zope versions, will not work out of the box for Zope 2.8) for a "Post-Authentication-Hook" implementation. <http://www.dieter.handshake.de/pyprojects/zope> -- Dieter