Hi. At Fri, 21 Oct 2005 23:01:55 -0700, Naotoshi Seo wrote: > > I got another trouble. I succeeded to show edit.html, but I could not > edit actaully. > > edit.html is an editview page. So, the html has post tag like > <post action="http://.../messageboardobject/edit.html"> > Therefore, same traverser trys to receive this posted action, and trys > to check password again (actually, and id) to find message object. > Therefore, I have to pass password and id which was posted before at > password.html using hidden field or some ways. Or, I have to specify > different page for <post action=""> . I have no idea how editview's > post action is working, so I am not sure specifying different page for > post action works, though.
I think that would be a different issue, you should separate a plan from "prohibit visitors from to access edit.html". ZCML's editform is not flexible, so it is hard to add one more field in auto-generated form. If you want to do, you may need zope.formlib package. But I have another idea. We can use session for making stateful application. then user doesn't need to post his password again. And this is a little trick make a container to show its content's editform. """ from zope.app.session.interfaces import ISession PACKAGE_NAME = 'your application name' class MessageEditView: def __init__(self, context, request): session = ISession(request)[PACKAGE_NAME] password = request.get('password') if password is None: password = session.get('password') message = getMessage(context, password) # please implement this:) session['password'] = password self.context = message # trick1 self.request = request self._setUpWidgets() <editform label="Edit Message" name="edit.html" for="IMessageBoard" schema="IMessage" <------ trick2 class="MessageEditView" permission="zope.ManageContent" menu="zmi_views" title="Edit Message" /> """ -- Tahara Yusei [EMAIL PROTECTED] _______________________________________________ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users