Do not hardcode 'Modify portal content' permission for the 'Save' button (object_view actions)
The last commit describes almost everything. Previous commits are just there to improve guards on Python Scripts and External Methods.
One thing I'm not sure about is how to reuse Base_edit the use does not have 'Modify portal content' permission. I mean that the form action could point to a callable with an appropriate guard, and a proxy role so it can call Base_edit, but I think Base_edit itself will fail because proxy roles aren't inherited.
/cc @all