[Zope] how to prevent URL access to an external method?
Andreas Jung
lists at zopyx.com
Tue Apr 28 11:09:14 EDT 2009
Use a BrowserView?!
-aj
On Tue, Apr 28, 2009 at 17:04, Pedro LaWrench <pedrolawrench at yahoo.com>wrote:
>
> I need to do something on the filesystem, which requires unrestricted
> python, so I created an external method. The problem is that anyone can call
> that directly via URL, so I added a permission check. Even then, users with
> the sufficient permissions can call this via URL, which I don't want them to
> do. I only want them to have access indirectly from other pages (such as a
> page template that will pass sane parameters). Is there anyway to do this?
>
> Thanks,
> PL
>
>
>
> _______________________________________________
> Zope maillist - Zope at zope.org
> http://mail.zope.org/mailman/listinfo/zope
> ** No cross posts or HTML encoding! **
> (Related lists -
> http://mail.zope.org/mailman/listinfo/zope-announce
> http://mail.zope.org/mailman/listinfo/zope-dev )
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.zope.org/pipermail/zope/attachments/20090428/8377c5b4/attachment.html
More information about the Zope
mailing list