[Zope] Newbie Questions (or maybe not... ;-)

Rik Hoekstra rik.hoekstra@inghist.nl
Wed, 02 Feb 2000 13:49:52 +0100


Chris Withers wrote:
> 
> Rik,
> 
> Thanks for the help with the second problem. Not entirely convinced about the
> first one though... it seems quite a lot of effort to go through just to stop
> people executing the methods on their own. Especially given that it sounds like
> you'd have to go through the process for each method, and in a big site I can
> imagine there'd be quite a lot of these :(

Not quite. You will have to create the methods anyway, even in a big
site and you could give them the proxy roles right at that time. Not
much extra work, i'd think. For clarity: the executing methods have
proxy roles, the executed just need to be protected

> 
> It's a shame there's no way to add a permission called 'execute' or similar to
> the security model. That permission could allow other objects to execute the
> method. You could then turn off the view permission, turn on the execute
> permission, and hey presto! problem solved...
> 

so, that's what proxy roles are for. More so if you'd define a role
called Execute. (and still, in either case you'd have to turn on the
execute permission on each method just the same).

Rik