Fwd: [Zope3-Users] How to publicly add object to Zope component
Hello Thanks very much for your pointer. I finally figure it out Basically in my $ZOPE_HOME/lib/python//browser/configure.zcml, I add <--- my own custom permission in permissions.zcml That is how you can modify the permission for adding view (/+/Add...) Martin 2005/10/28, Martin Margo <[EMAIL PROTECTED]>: > Martijn > > thank you for responding. My response is below > 2005/10/28, Martijn Faassen <[EMAIL PROTECTED]>: > > Martin Margo wrote: > > [snip] > > > How do I make /+/AddConferenceGoer.html= publicly available > > > without being prompted for a password? Is there a configuration file > > > somewhere I can set this up? > > > > I've ran into this one. The problem is that the '+' view registered by > > Zope 3 is not allowing access by people who don't have Zope management > > permission. > > > > > Another point: I have tried granting zope.anybody Zope.ManageContent > > > permission and /+/AddConferenceGoer.html is now available but > > > the user can manipulate the URL to go in and modify other people's > > > info. > > > > I don't think this is a very good approach, as you'd give zope.anybody > > an awful lot of rights all of a sudden. > > I agree. I don't want to use this. I want to finegrained the > permission for edit and add. I want to be able to assign a certain > permission myown.Permission1 for add and myown.Permission2 (assuming > that the 2 keyword are in permission.zcml) > > > > > Anyway, this is how you can register your own adding (+) view for a > > particular content type: > > > > > for="path.to.ISomeInterface" > > name="+" > > class="zope.app.container.browser.adding.ContentAdding" > > permission="myownPermission"> > > > > I tried this and it complains because the parameter type is missing. > Looking at von Weitershausen's book, identifier 'type' and 'factory' > are needed. What should the value be for those variable if I want to > overrride "+" view? > > Thanks in advance > > Martin > > > > of course if you make permission 'zope.Public', you'd still be exposing > > the add view for your particular content type (all the ones that > > implement ISomeInterface) to the whole world, so be careful not to do > > this to normal IFolder, for instance, unless you really really want that. > > > > Good luck! > > > > Regards, > > > > Martijn > > > ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
[Zope3-Users] How to redirect to a view after adding an object
Hello Sorry if this was asked before. I did some basic search and couldn't find anything. I am new to Zope3 myself. After reading Stephan and Von Weitershausen's book on Zope 3, I begin building my own web application. My question is : After my user adds a new custom object (type CandyBar) through http:///+/AddCandyBar.html=, how do I redirect the user to a custom view (the custom view is called browser/CandyBarPurchaseConfirm.pt)? this page template thanks the customer, print the fields of candy bar entered by the user. Thanks in advance ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
Re: [Zope3-Users] How to publicly add object to Zope component
Martijn thank you for responding. My response is below 2005/10/28, Martijn Faassen <[EMAIL PROTECTED]>: > Martin Margo wrote: > [snip] > > How do I make /+/AddConferenceGoer.html= publicly available > > without being prompted for a password? Is there a configuration file > > somewhere I can set this up? > > I've ran into this one. The problem is that the '+' view registered by > Zope 3 is not allowing access by people who don't have Zope management > permission. > > > Another point: I have tried granting zope.anybody Zope.ManageContent > > permission and /+/AddConferenceGoer.html is now available but > > the user can manipulate the URL to go in and modify other people's > > info. > > I don't think this is a very good approach, as you'd give zope.anybody > an awful lot of rights all of a sudden. I agree. I don't want to use this. I want to finegrained the permission for edit and add. I want to be able to assign a certain permission myown.Permission1 for add and myown.Permission2 (assuming that the 2 keyword are in permission.zcml) > > Anyway, this is how you can register your own adding (+) view for a > particular content type: > > for="path.to.ISomeInterface" > name="+" > class="zope.app.container.browser.adding.ContentAdding" > permission="myownPermission"> > I tried this and it complains because the parameter type is missing. Looking at von Weitershausen's book, identifier 'type' and 'factory' are needed. What should the value be for those variable if I want to overrride "+" view? Thanks in advance Martin > > of course if you make permission 'zope.Public', you'd still be exposing > the add view for your particular content type (all the ones that > implement ISomeInterface) to the whole world, so be careful not to do > this to normal IFolder, for instance, unless you really really want that. > > Good luck! > > Regards, > > Martijn > ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
[Zope3-Users] How to publicly add object to Zope component
Hello This is my first post. I am working on a Zope3 project in which anonymous user /zope.anybody should be able to add objects (register for a conference) themselves but should not be able to view or edit them once their added (with exception of a confirmation page and email). My problem is, using ZMI's localhost:8080/+/AddConferenceGoer.html= always prompt me for a username and password below is my browser/configure.zcml How do I make /+/AddConferenceGoer.html= publicly available without being prompted for a password? Is there a configuration file somewhere I can set this up? Another point: I have tried granting zope.anybody Zope.ManageContent permission and /+/AddConferenceGoer.html is now available but the user can manipulate the URL to go in and modify other people's info. How do I separate the permission to edit object and one to add object? Thanks in advance Martin ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users