[Zope] security for ZPT-based Product

Andreas Pakulat apaku at gmx.de
Mon Jul 11 12:41:59 EDT 2005


On 11.Jul 2005 - 18:27:57, Milos Prudek wrote:
> 
> 
> How can I manage permissions for imported ZPT files?
> 
> Relevant lines from my Product:
> 
> from AccessControl import ClassSecurityInfo
> class MyClass(....):
>   security=ClassSecurityInfo()
>   comment_add_form=PageTemplateFile('zpt/comment_add_form',globals())
> 
> My goal is to limit access to comment_add_form to the Authenticated role only. 
> comment_add_form is on the filesystem, in my Product's zpt directory.

add a security.declareProtected('comment_add_form', '<right that is
granted to Authenticated users only>')

Where the second string would be one of the rights listed on the
security tab with in the ZMI. If that right is granted to the
authenticated user only, you have your access restrictions.

Andreas

-- 
Don't hate yourself in the morning -- sleep till noon.


More information about the Zope mailing list