Re: [Zope] Help with Edit This Page code?
Thanks, Amos, just what I asked for. But not (drats!) what I was really looking for. My users, who can edit pages in a specific folder only, will typically approach �their� pages as Anonymous users. Seem to me a passive test for AUTHENTICATED_USER will fail. Should there be a separate Log-in page before they approach their folder? Or perhaps a link visible to everyone that says something like� Page owner click <a href="force_login">here</a> to edit. �and then run your code?? (Does force_login exist?) Dave --- Amos Latteier <amos@aracnet.com> wrote:
At 04:46 PM 10/10/99 -0700, David Robson wrote:
Can someone please point me to code that will
<> display an �Edit this page� link on pages for
which
the viewer has edit permission <> redirect user to an �edit & save� window <> hide the link from other users
(I think there was a similar Q on the list some weeks ago but I can�t locate it now.)
Here's one way to accomplish this:
<dtml-if "AUTHENTICATED_USER.has_permissions('Change DTML Documents', this())"> <a href="manage_main">Edit this page</a> </dtml-if>
This DTML fragment looks to see if the current user has the 'Change DTML Documents' permission on the current object (this()) and if so, it displays a link to the manage_main method.
Note, you could define another permission if you wish, though if you wish to use standard Zope management screens you will need to give your users adequate permissions to use them.
In general you can send a user to a Zope management screen and only those options for which they have permissions, will appear in the management interface. This is in general what you want.
If you don't want to use the Zope management interface you can write your own methods for editing Zope objects, but you still need to make sure that the users have adequate permissions, or that you set proxy roles on the editing forms.
Good luck!
-Amos
P.S. A good way (in absence of exhaustive documentation of the internal workings of Zope) to figure stuff like this out, is to go to the management screens and see which URLS do what you want.
===== David Robson robson555@yahoo.com Computer Support Towson High School, MD, USA __________________________________________________ Do You Yahoo!? Bid and sell for free at http://auctions.yahoo.com
I remember seeing the following idea in a message about a month ago: 1. Create an object "force_login" whose default method just redirects to the URL you give it. 2. Give "force_login" permissions such that a login will be required. 3. Link <dtml-call "force_login(URL/of/manage/method)) -- Loren
-----Original Message----- From: zope-admin@zope.org [mailto:zope-admin@zope.org]On Behalf Of David Robson Sent: Monday, October 11, 1999 18:13 To: Amos Latteier Cc: zope@zope.org Subject: Re: [Zope] Help with Edit This Page code?
Thanks, Amos, just what I asked for.
But not (drats!) what I was really looking for.
My users, who can edit pages in a specific folder only, will typically approach their pages as Anonymous users. Seem to me a passive test for AUTHENTICATED_USER will fail. Should there be a separate Log-in page before they approach their folder? Or perhaps a link visible to everyone that says something like
Page owner click <a href="force_login">here</a> to edit.
and then run your code??
(Does force_login exist?)
Dave
--- Amos Latteier <amos@aracnet.com> wrote:
At 04:46 PM 10/10/99 -0700, David Robson wrote:
Can someone please point me to code that will
<> display an Edit this page link on pages for
which
the viewer has edit permission <> redirect user to an edit & save window <> hide the link from other users
(I think there was a similar Q on the list some weeks ago but I cant locate it now.)
Here's one way to accomplish this:
<dtml-if "AUTHENTICATED_USER.has_permissions('Change DTML Documents', this())"> <a href="manage_main">Edit this page</a> </dtml-if>
This DTML fragment looks to see if the current user has the 'Change DTML Documents' permission on the current object (this()) and if so, it displays a link to the manage_main method.
Note, you could define another permission if you wish, though if you wish to use standard Zope management screens you will need to give your users adequate permissions to use them.
In general you can send a user to a Zope management screen and only those options for which they have permissions, will appear in the management interface. This is in general what you want.
If you don't want to use the Zope management interface you can write your own methods for editing Zope objects, but you still need to make sure that the users have adequate permissions, or that you set proxy roles on the editing forms.
Good luck!
-Amos
P.S. A good way (in absence of exhaustive documentation of the internal workings of Zope) to figure stuff like this out, is to go to the management screens and see which URLS do what you want.
=====
David Robson robson555@yahoo.com Computer Support Towson High School, MD, USA
__________________________________________________ Do You Yahoo!? Bid and sell for free at http://auctions.yahoo.com
_______________________________________________ Zope maillist - Zope@zope.org http://www.zope.org/mailman/listinfo/zope
(Related lists - please, no cross posts or HTML encoding!
To receive general Zope announcements, see: http://www.zope.org/mailman/listinfo/zope-announce
For developer-specific issues, zope-dev@zope.org - http://www.zope.org/mailman/listinfo/zope-dev )
participants (2)
-
David Robson -
Loren Stafford