Sorry, you are correct, I meant to say from restricted space.  The external 
method is what gives me access to unrestricted python.  I do plan on using 
Tres' method.



----- Original Message ----
From: Lennart Regebro <rege...@gmail.com>
To: Pedro LaWrench <pedrolawre...@yahoo.com>
Cc: Jaroslav Lukesh <luk...@seznam.cz>; zope@zope.org; Tres Seaver 
<tsea...@palladion.com>
Sent: Tuesday, April 28, 2009 11:12:20 AM
Subject: Re: [Zope] how to prevent URL access to an external method?

On Tue, Apr 28, 2009 at 18:25, Pedro LaWrench <pedrolawre...@yahoo.com> wrote:
>
> What would you change on the security tab?  I still want my authenticated 
> users to have access to the method as a call to it is made from unrestricted 
> space (such as a page template)

A page template is restricted. If it really was unrestricted it would
be called from Python code on the hard disk, and then you wouldn't
need the external method.

> I just don't want them to call the method directly.

So Tres method is the simplest one that does just this.

-- 
Lennart Regebro: Python, Zope, Plone, Grok
http://regebro.wordpress.com/
+33 661 58 14 64



      
_______________________________________________
Zope maillist  -  Zope@zope.org
http://mail.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope-dev )

Reply via email to