[Zope-PTK] Debugging PTK II

Fabio Forno sciasbat@inorbit.com
Wed, 16 Aug 2000 17:26:36 +0200


Shane Hathaway wrote:

> I'm glad you found a way to solve this problem but we've been pushing
> for a better solution to the publishing permission dilemma.  The change
> you suggested above, without some change to the permissions mechanisms,
> would make it so that even though members are allowed to view the
> object, they can't search for it.  We need to maintain consistency.
> To maintain that consistency, allowedRolesAndUsers() must return a
> complete list of roles and users allowed to view an object regardless
> of its publishing status.  If there is a bug in its current way of
> accomplishing that, then it needs to be fixed.  In my limited testing
> it always included "Anonymous" in the list of roles allowed to view the
> object.
>

I don't get the point. In this way allowedRolesAndUsers() remains the
same, but it checks also the review_state to grant the View permission.
Problems could arise only when applying more complex publishing policies
(i.e. some content viewable only by a part of the members, some else
also by guests and so on).
 
> Now, it makes sense for a change in the publishing status to generate a
> change in the effective permissions on an object.  Formerly, to solve
> this problem PTK would manually change the role to permission mappings
> on an object when its review_state was changed.
> 
> This is debatable, but I believe it would be more sensible to
> physically move the object to a "published" area and leave its role to
> permission mappings alone.  The object would inherit the permission
> settings of the containing folder.  This would have the added benefit
> of making PTK seem more like a publishing framework.
> 
> Comments?

I agree, in this way it should be possible to manage consistently the
cases I've written above (different publishing areas for different
categories of users).

ByE,
Fabio Forno
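
The consistency requirement discussed in this thread (catalog search results must match who can actually view an object), modelled as an added example that is not code from the post or from PTK. The classes, the `state_filtered_index` variant and the sample data are assumptions made for illustration; they do not reproduce Zope APIs or the change proposed earlier in the thread.

```python
# Stand-alone model; none of these classes are Zope or PTK APIs.
from dataclasses import dataclass

@dataclass
class Folder:
    view_roles: frozenset            # roles granted View in this folder

@dataclass
class Item:
    name: str
    folder: Folder                   # View settings are inherited from here
    owner: str
    review_state: str = "private"

def can_view(item, user, roles):
    """Access check: the owner, or any role the containing folder grants View."""
    return user == item.owner or bool(set(roles) & item.folder.view_roles)

def allowed_roles_and_users(item):
    """Index value: everyone who passes can_view, whatever the review_state."""
    return set(item.folder.view_roles) | {"user:" + item.owner}

def state_filtered_index(item):
    """Hypothetical variant: only published items get index entries."""
    return allowed_roles_and_users(item) if item.review_state == "published" else set()

def search(items, indexer, user, roles):
    """Names of items whose index entry matches one of the caller's principals."""
    principals = set(roles) | {"user:" + user}
    return {i.name for i in items if indexer(i) & principals}

def mismatches(items, indexer, principals):
    """(user, item) pairs where search results and the access check disagree."""
    bad = set()
    for user, roles in principals:
        found = search(items, indexer, user, roles)
        bad |= {(user, i.name) for i in items
                if can_view(i, user, roles) != (i.name in found)}
    return bad

# Constructed sample data.
MEMBERS = Folder(frozenset({"Member", "Manager"}))
PUBLISHED = Folder(frozenset({"Anonymous", "Member", "Manager"}))
PRINCIPALS = [("guest", ["Anonymous"]), ("bob", ["Anonymous", "Member"])]

def publish(item):
    """Move to the published area; role-to-permission mappings stay untouched."""
    item.folder, item.review_state = PUBLISHED, "published"
```

Running `mismatches` over every principal after each workflow transition is a cheap regression check that the index and the access check have not drifted apart.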