[Zope] how to prevent URL access to an external method?
Jaroslav Lukesh
lukesh at seznam.cz
Tue Apr 28 11:07:07 EDT 2009
Click at the Proxy tab at method with "View" permission
----- Original Message -----
From: "Pedro LaWrench" <pedrolawrench at yahoo.com>
I need to do something on the filesystem, which requires unrestricted
python, so I created an external method. The problem is that anyone can call
that directly via URL, so I added a permission check. Even then, users with
the sufficient permissions can call this via URL, which I don't want them to
do. I only want them to have access indirectly from other pages (such as a
page template that will pass sane parameters). Is there anyway to do this?
More information about the Zope
mailing list