[Zope] __ac_permissions__
Chris Withers
chrisw@nipltd.com
Thu, 03 Oct 2002 13:05:56 +0100
Bo M. Maryniuck wrote:
> I whould like to add a method for my product that is accessible only for
> manager or but may be _called_ from other scripts,
What do you mean by scripts? if you mean file system python code like External
Methods or Products, then there's no problem.
If you mean Script (Python)'s, then the correct way to do it is to protect the
method with a permission that is mapped to the manager role and then give other
scripts that need to call it a Manager proxy role.
> which can be called from
> the world. Why should I put exactly to the __ac_permissions__?
You shouldn't be using __ac_permissions__. Go read the ZDG on how you're
supposed to do product security nowadays.
cheers,
Chris