Vladimir Petrovic wrote at 2005-10-6 17:44 +0300:
> ... restricting Web Publishing in specific folders ...
>I know this can be done by restricting View/Access Contents information 
>privileges for folders/scripts to the specific role and then giving DTML 
>methods proxy role. But, is there any other easier methods ?

There may be several alternative options:

  *  an "AccessRule"

     Two potential problems:
       -  they can be deactivated by the incomming request
          (but you can comment out the deactivating code)

       -  authentication has not yet taken place;
          the user identity is not yet known

  *  a "Post-Authentication-Hook"

     I think (but I am not sure) that Zope 2.8 has implemented them.

     If not, my Zope page contains a patch (for older Zope versions,
     will not work out of the box for Zope 2.8) for
     a "Post-Authentication-Hook" implementation.


Zope maillist  -  Zope@zope.org
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-dev )

Reply via email to