...
i don't want him to be able to directly access (read/write) the
database i am using. *AFAIK*, ZSQLMethods won't do for this.
Then put constraints in on your database, or make the whole connection
read-only.
I want to have full access rights on the database through the external
methods.
Usually you dont want that. Sane security constrains on database save
you a lot mistakes if done right. You can also use views and stored
functions to further tighten your security.
Bad done external methods are more likely to open security holes.
You're really buying nothing with all this other than wasting a lot of
your time...
I really hope i don't! :-) As Dieter said, my application is not a
conventional Zope application.
What is it instead? :)
I could say that, for this project, i am using Zope:
- as a much safer alternative to CGI
but not if compromized :)
- for its templating machinery
- because it is built on Python and the project is based on Python
- i like Zope :-)
Greets
Tino
_______________________________________________
Zope maillist - Zope@zope.org
http://mail.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )
