[Zope] "Private" objects?
Lennart Regebro
regebro at nuxeo.com
Tue Feb 3 11:44:00 EST 2004
From: "Kirk Strauser" <kirk at daycos.com>
> I have a Python script named "doSecretStuff" in the root of the site's
> folder. Now, I want to be able to call that script from DTML documents
> and other Python scripts, but I *don't* want end users to be able to
> visit http://www.example.com/doSecretStuff to execute it directly.
>
> Can Zope's security model handle this?
Well, you then have to give the dtml documents and python scipts that should
call this script proxy roles so that they have roles and permissions that
the users themselves doesn't have.
More information about the Zope
mailing list