[Zope-dev] Method available from Python scripts only
Clemens Robbenhaar
zope-dev@zope.org
Fri, 18 Apr 2003 15:02:36 +0200
Gilles Lenfant writes:
> Hi,
>
> I'm facing a problem, and perhaps I haven't got enough security
> enlightenment to close it.
>
> I made a Foo class with a *public* "bar" method
> (security.declarePublic("bar"))
>
> But I want this method to be available only from python scripts or
> expressions in DTML/TAL (with no proxy rule), but forbidden through URLs.
>
> To be clearer, if myfoo is a Foo object :
>
> * myfoo.bar() is granted to anonymous users
>
> * http://mysite.com/.../myfoo/bar is restricted
>
> Any hint to do this ?
A simple hack is to remove the docstring from the "bar"-method; methods
without docstring will not be published (did You never get the
corresponding error message? ;-)
HTH,
Clemens