[Zope-dev] Re: Inhibit URL-traversal
Florent Guillaume
fg at nuxeo.com
Mon Feb 13 10:39:19 EST 2006
Dario Lopez-Kästen wrote:
> Greetings,
>
> for a product I am writing, i need to experiment with inhibiting
> URL-traversal to the methods and subobjects of it. I still wnat the
> methods and objects to be available via direct call, for instance:
>
> from a script or template:
> container.my_product_instance.some_method(...)
>
> but not
>
> http://some/url/my_product_instance/some_method?...
>
>
> In effect I am hiding that part of the zodb for external access-
>
> Also, can such a behaviour be imposed on templates (they being methods
> really) and Script(Python)s?
Have your methods accept a REQUEST=None optional argument, and if it's not
None then you were called through an URL. In that case you can redirect or
raise a Unauthorized or NotFound or whatever.
Florent
--
Florent Guillaume, Nuxeo (Paris, France) Director of R&D
+33 1 40 33 71 59 http://nuxeo.com fg at nuxeo.com
More information about the Zope-Dev
mailing list