3 Feb
2004
3 Feb
'04
4:44 p.m.
From: "Kirk Strauser" <kirk@daycos.com>
I have a Python script named "doSecretStuff" in the root of the site's folder. Now, I want to be able to call that script from DTML documents and other Python scripts, but I *don't* want end users to be able to visit http://www.example.com/doSecretStuff to execute it directly.
Can Zope's security model handle this?
Well, you then have to give the dtml documents and python scipts that should call this script proxy roles so that they have roles and permissions that the users themselves doesn't have.