[Zope-CMF] Security on Skins

Dieter Maurer dieter@handshake.de
Mon, 10 Sep 2001 22:48:32 +0200 (CEST)


Chris Withers writes:
 > If I want to limit access to a certain skin method (they're FS SQL Methods in
 > case you're wondering, but answers relating to Python Scripts, FS Python
 > Scripts, etc would also be welcome) how would I go about protecting them by a
 > given permission?
You would add a magic comment at its start, something like
#permission_<method>=Use database methods

When you plug the FS object into the Zope site, you
wrap the permission into an "AccessControl.PermissionRole"
and assign it to "<method>__roles__".

You can see how to proceed, when you look
at the end of "App.class_init.default__class_init__".


Dieter