Fwd: [Zope3-Users] How to publicly add object to Zope component
Hello Thanks very much for your pointer. I finally figure it out Basically in my $ZOPE_HOME/lib/python/my_project/browser/configure.zcml, I add browser:view for=isw.ConferenceGoer.IConferenceGoer name=+ class=zope.app.container.browser.adding.ContentAdding permission=isw.Register --- my own custom permission in permissions.zcml /browser:view That is how you can modify the permission for adding view (site/+/Add...) Martin 2005/10/28, Martin Margo [EMAIL PROTECTED]: Martijn thank you for responding. My response is below 2005/10/28, Martijn Faassen [EMAIL PROTECTED]: Martin Margo wrote: [snip] How do I make site/+/AddConferenceGoer.html= publicly available without being prompted for a password? Is there a configuration file somewhere I can set this up? I've ran into this one. The problem is that the '+' view registered by Zope 3 is not allowing access by people who don't have Zope management permission. Another point: I have tried granting zope.anybody Zope.ManageContent permission and site/+/AddConferenceGoer.html is now available but the user can manipulate the URL to go in and modify other people's info. I don't think this is a very good approach, as you'd give zope.anybody an awful lot of rights all of a sudden. I agree. I don't want to use this. I want to finegrained the permission for edit and add. I want to be able to assign a certain permission myown.Permission1 for add and myown.Permission2 (assuming that the 2 keyword are in permission.zcml) Anyway, this is how you can register your own adding (+) view for a particular content type: view for=path.to.ISomeInterface name=+ class=zope.app.container.browser.adding.ContentAdding permission=myownPermission /view I tried this and it complains because the parameter type is missing. Looking at von Weitershausen's book, identifier 'type' and 'factory' are needed. What should the value be for those variable if I want to overrride + view? Thanks in advance Martin of course if you make permission 'zope.Public', you'd still be exposing the add view for your particular content type (all the ones that implement ISomeInterface) to the whole world, so be careful not to do this to normal IFolder, for instance, unless you really really want that. Good luck! Regards, Martijn ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
Re: [Zope3-Users] How to publicly add object to Zope component
Martijn thank you for responding. My response is below 2005/10/28, Martijn Faassen [EMAIL PROTECTED]: Martin Margo wrote: [snip] How do I make site/+/AddConferenceGoer.html= publicly available without being prompted for a password? Is there a configuration file somewhere I can set this up? I've ran into this one. The problem is that the '+' view registered by Zope 3 is not allowing access by people who don't have Zope management permission. Another point: I have tried granting zope.anybody Zope.ManageContent permission and site/+/AddConferenceGoer.html is now available but the user can manipulate the URL to go in and modify other people's info. I don't think this is a very good approach, as you'd give zope.anybody an awful lot of rights all of a sudden. I agree. I don't want to use this. I want to finegrained the permission for edit and add. I want to be able to assign a certain permission myown.Permission1 for add and myown.Permission2 (assuming that the 2 keyword are in permission.zcml) Anyway, this is how you can register your own adding (+) view for a particular content type: view for=path.to.ISomeInterface name=+ class=zope.app.container.browser.adding.ContentAdding permission=myownPermission /view I tried this and it complains because the parameter type is missing. Looking at von Weitershausen's book, identifier 'type' and 'factory' are needed. What should the value be for those variable if I want to overrride + view? Thanks in advance Martin of course if you make permission 'zope.Public', you'd still be exposing the add view for your particular content type (all the ones that implement ISomeInterface) to the whole world, so be careful not to do this to normal IFolder, for instance, unless you really really want that. Good luck! Regards, Martijn ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
[Zope3-Users] How to redirect to a view after adding an object
Hello Sorry if this was asked before. I did some basic search and couldn't find anything. I am new to Zope3 myself. After reading Stephan and Von Weitershausen's book on Zope 3, I begin building my own web application. My question is : After my user adds a new custom object (type CandyBar) through http://site/+/AddCandyBar.html=, how do I redirect the user to a custom view (the custom view is called browser/CandyBarPurchaseConfirm.pt)? this page template thanks the customer, print the fields of candy bar entered by the user. Thanks in advance ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users
[Zope3-Users] How to publicly add object to Zope component
Hello This is my first post. I am working on a Zope3 project in which anonymous user /zope.anybody should be able to add objects (register for a conference) themselves but should not be able to view or edit them once their added (with exception of a confirmation page and email). My problem is, using ZMI's localhost:8080/+/AddConferenceGoer.html= always prompt me for a username and password below is my browser/configure.zcml browser:addMenuItem title=Conference goer class=isw.ConferenceGoer.ConferenceGoer permission=zope.Public view=AddConferenceGoer.html / browser:addform schema=isw.ConferenceGoer.IConferenceGoer content_factory=isw.ConfenceGoer.ConferenceGoer label=Add a Conference Goer name=AddConferenceGoer.html permission=zope.Public set_before_add=name / How do I make site/+/AddConferenceGoer.html= publicly available without being prompted for a password? Is there a configuration file somewhere I can set this up? Another point: I have tried granting zope.anybody Zope.ManageContent permission and site/+/AddConferenceGoer.html is now available but the user can manipulate the URL to go in and modify other people's info. How do I separate the permission to edit object and one to add object? Thanks in advance Martin ___ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users