[Zope-dev] Preventing scripts from being called directly

Florent Guillaume fg at nuxeo.com
Tue Aug 24 09:35:59 EDT 2004


In article <41298E82.1060001 at ita.chalmers.se> you write:
> Hello,
> 
> I am trying to prevent PythonScripts from being called directly TTW.
> 
> Is there a better way of doing this than the following code being called 
> at the very begining of the script?
> 
> if script.getPhysicalPath() = context.REQUEST.PUBLISHED.getPhysicalPath():
>    raise "UnAuthorisedOrSimilar"

The way I do it is:

##parameters=foo, bar, ..., REQUEST=None

if REQUEST is not None:
    raise 'Unauthorized', 'Not callable TTW'

...


Florent

-- 
Florent Guillaume, Nuxeo (Paris, France)
+33 1 40 33 71 59  http://nuxeo.com  mailto:fg at nuxeo.com


More information about the Zope-Dev mailing list