[Zope] security dilemma?

2000-11-09 Thread Zhen Zhou

Please bear with my ignorance, because these are the first couple of days
I have ever tried Zope. It is super cool, but I should say that the
documentation is far from satisfactory.
Here is my problem:
The only API I can find to alter the properties of some object is
"manage_changeProperties". However, in order to execute this method in
my script, I have to give the "Manage properties" permission to
everyone, which may lead to severe security problems because the
method "manage_changeProperties" is web accessible, so a malicious
user can bypass my script and execute this method to change the
properties to whatever he wants.
My questions are:
1. Is there any API that can change properties of some object but
cannot be accessed from the web?
2. Is there any way to store a small piece of persistent data besides
using properties?

Thanx.
Derek



___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )




Re: [Zope] security dilemma?

2000-11-09 Thread Jason C. Leach


Hi,

Do you have these two:
http://www.zope.org/Members/michel/ZB/
http://zdp.zope.org/projects/zqr

j.
..
. Jason C. Leach
... University College of the Cariboo.
.. 


