[Zope] prevent direct (only) access from url

Joachim Werner joe@iuveno-net.de
Tue, 15 May 2001 01:42:05 +0200


> my problem is, that i have the users stored in database and
> a cookie based access control. for this reason it would very helpful to me
> to have docs that can only called from other docs, but not from the url
> (browser)

This is possible. One solution that comes to my mind is that you invent a
new role, let's say "DocumentCaller", and just assign the view and "Access
contents info" permissions to that role, not to the users of your site. Then
you can give all your "master documents" a prxy role "DocumentCaller", and
there you go ...

Joachim