Many web services use this method for content sharing; they generate a random 'secret' URL that you can pass to friends etc. to share stuff.
What would be the right way to do this on zope3/plone3? Any examples, or existing implementations? How about simply this: 1) interface "ISecretURLAccessible" - with three methods: generateSecretURL, getSecretURLs & removeSecretURL 2) adapter from any IAttributeAnnotatable content to ISecretURLAccessible - implements the API, storing URLs as annotations 3) a form for managing generated secret URLs - shows current list of secret URLs, provides means for removing them, and generating new ones 4) a view such called "secret" registered for ISecretURLAccessible - checks the last part of the URL, trying to match it to the list returned by getSecretURLs - if a match is found, bypasses security checks and serves the content Something I forgot there? How exactly would the security bypass be done? Also, it would be more elegant to hook into URL traversal of all content implementing ISecretURLAccessible, somehow, so that the check could be done without registering a new view, polluting namespace with a hardcoded view name. Alas, I have no idea how to do that, any pointers? It would also be nice to have the set of URLs valid only for a certain duration, ie. autoexpire, but I'll leave that for the second version ;-) Thanks, Petri _______________________________________________ Product-Developers mailing list [email protected] http://lists.plone.org/mailman/listinfo/product-developers
