Re: [Zope] Python scripts

Laurence Rowe Fri, 06 Jul 2012 05:31:06 -0700

On 6 July 2012 14:09, Richard Harley <rich...@scholarpack.com> wrote:
> On Zope 2.10 is there a simple/universal way to only allow python scripts to
> be called by DTML methods or other python scripts and not directly TTW?


You can check that the script is not the published object with:

    if container.REQUEST['PUBLISHED'] is script:
        raise 'Forbidden'

For newer versions of Zope raise an exception object:

    from zExceptions import Forbidden
    if container.REQUEST['PUBLISHED'] is script:
        raise Forbidden('Script may not be published.')

Laurence
_______________________________________________
Zope maillist  -  Zope@zope.org
https://mail.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists -
 https://mail.zope.org/mailman/listinfo/zope-announce
 https://mail.zope.org/mailman/listinfo/zope-dev )

Re: [Zope] Python scripts

Reply via email to