[Zope] Security issues
Andreas Jung
lists at andreas-jung.com
Sun May 1 08:27:07 EDT 2005
--On Sonntag, 1. Mai 2005 13:02 Uhr +0100 cla <clark2 at net.sapo.pt> wrote:
> Hi!
>
> Im developing a portal using, zope and i had been some
> problems with the security of some template pages that
> I have created. Those pages are accesible just puting
> the correct path in the url, even if they are only for
> manager access. I have already try the security tabs that
> are associated to witch document, but with no sucess.
>
> What can i do to resolve this big problem.
You have add security assertion to file based templates through .metadata
files.
If foo.pt is your template then create a file foo.pt.metadata containing:
[security]
View=0:Manager
Means that the View permission is only granted to Managers and that the
permission
is not acquired (same the corresponding flag in the ZMI).
-aj
More information about the Zope
mailing list