Martijn thank you for responding. My response is below 2005/10/28, Martijn Faassen <[EMAIL PROTECTED]>: > Martin Margo wrote: > [snip] > > How do I make <site>/+/AddConferenceGoer.html= publicly available > > without being prompted for a password? Is there a configuration file > > somewhere I can set this up? > > I've ran into this one. The problem is that the '+' view registered by > Zope 3 is not allowing access by people who don't have Zope management > permission. > > > Another point: I have tried granting zope.anybody Zope.ManageContent > > permission and <site>/+/AddConferenceGoer.html is now available but > > the user can manipulate the URL to go in and modify other people's > > info. > > I don't think this is a very good approach, as you'd give zope.anybody > an awful lot of rights all of a sudden.
I agree. I don't want to use this. I want to finegrained the permission for edit and add. I want to be able to assign a certain permission myown.Permission1 for add and myown.Permission2 (assuming that the 2 keyword are in permission.zcml) > > Anyway, this is how you can register your own adding (+) view for a > particular content type: > > <view > for="path.to.ISomeInterface" > name="+" > class="zope.app.container.browser.adding.ContentAdding" > permission="myownPermission"> > </view> I tried this and it complains because the parameter type is missing. Looking at von Weitershausen's book, identifier 'type' and 'factory' are needed. What should the value be for those variable if I want to overrride "+" view? Thanks in advance Martin > > of course if you make permission 'zope.Public', you'd still be exposing > the add view for your particular content type (all the ones that > implement ISomeInterface) to the whole world, so be careful not to do > this to normal IFolder, for instance, unless you really really want that. > > Good luck! > > Regards, > > Martijn > _______________________________________________ Zope3-users mailing list Zope3email@example.com http://mail.zope.org/mailman/listinfo/zope3-users