[Zope] how to prevent URL access to an external method?

Andreas Jung lists at zopyx.com
Tue Apr 28 11:09:14 EDT 2009


Use a BrowserView?!

-aj

On Tue, Apr 28, 2009 at 17:04, Pedro LaWrench <pedrolawrench at yahoo.com>wrote:

>
> I need to do something on the filesystem, which requires unrestricted
> python, so I created an external method. The problem is that anyone can call
> that directly via URL, so I added a permission check. Even then, users with
> the sufficient permissions can call this via URL, which I don't want them to
> do. I only want them to have access indirectly from other pages (such as a
> page template that will pass sane parameters). Is there anyway to do this?
>
> Thanks,
> PL
>
>
>
> _______________________________________________
> Zope maillist  -  Zope at zope.org
> http://mail.zope.org/mailman/listinfo/zope
> **   No cross posts or HTML encoding!  **
> (Related lists -
>  http://mail.zope.org/mailman/listinfo/zope-announce
>  http://mail.zope.org/mailman/listinfo/zope-dev )
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.zope.org/pipermail/zope/attachments/20090428/8377c5b4/attachment.html 


More information about the Zope mailing list