[Zope] security problems

Aleksander Salwa ololo@zeus.polsl.gliwice.pl
Fri, 17 Nov 2000 10:12:19 +0100 (CET)


On Fri, 17 Nov 2000, Bowyer, Alex wrote:
> I have one method index_html which should be viewable by anonymous.
> All other methods should only be viewable when a username/password is
> entered for someone with the role I have called UAAdmin
[...]
> I can only seem to get full access to all pages (if I grant a proxy on
> index_html) or password access required on all items (by specifying
> permissions for the class instance) neither of which are the correct
> solution.

You can define different security settings for every method in your ZClass
using 'Define Permissions' management tab. These permissions are unique
for every method. There you can define, which permission is needed to view
your method.

ololo@zeus.polsl.gliwice.pl

/--------------------------------------\
| `long long long' is too long for GCC |
\--------------------------------------/