[Zope] Re: How can I give the authority of writing in a certain folder of my Zope to the Anonymous user?

Josef Meile jmeile at hotmail.com
Wed Mar 23 06:48:17 EST 2005


> Thank you so much for you help and kind advice!
> By the way: Is there a way I can set the max-size of a folder? Then it
> will be more security.
You may try:

http://www.zope.org/Members/ccube/QuotaAW
http://www.zope.org/Members/ivo/QuotaFolder

if you are using CMF, then you can use:
http://www.zope.org/Members/ccube/CMFFolder

I also advice you to limit the file size a user can upload. If I'm not
wrong, there was a thread about this this or last month. Some body
posted a nice way of getting the size of the uploaded[1] file before
storing it on the ZODB.

[1]: Off course the file is uploaded in some temporal location in the
server (I think so, not sure) with the html form, but then the python
logic decides whether or not store it on the ZODB.

Ah, I also think a better alternative to the one I give you before,
would be to create a role lets say "Uploader", then give it the
"Add Documents, Images, and Files" permission and do a script with
the proxy role set to "Uploader". I think is more secure since you
can control from there the size of the uploaded files.

Regards,
Josef


More information about the Zope mailing list