[Zope] Restricting access to Python Scripts

Thierry Florac thierry.florac@onf.fr
25 Jan 2002 09:44:05 +0100


On Fri, 2002-01-25 at 00:13, Brett Haydon wrote:
> Is there a strategy for restricting access to python scripts
> so that it can be accessed internally but not by calling the
> url through a browser?
> 
> A user should be allowed to call a page template that
> utilizes the script but not call the script directly. I
> guess I'm looking at restricting the context by which a
> script is called.

Just protect your Python scripts as usual by disabling anonymous access
on it, then add a proxy role to DTMLMethods which are supposed to call
this script...

Thierry