Leonardo Fernandes wrote at 2003-3-11 08:33 -0300:
Is there a way to prevent access to files in the server (pdf files, for instance).
You restrict "View" permission to these objects...
I intend to use sessions (REQUEST.SESSION) to control that. Is it possible?
Hm, the session object does not control (out of the box) accessibility. You may define an accessor with a proxy role providing access to your protected files that check things in "SESSION". Please, read the Zope Book (2.6 edition) to learn more about these things.
If not, what's the better option in this case? AccessRules also don't seem to work.
In what way do they not work?
Second: I'd like to use Session (REQUEST.SESSION) data as a parameter to another method (a Zsql Method for example). How can I do that in dtml?
I think, I already replied to this question... It is probably best to have: one question, one message. Dieter