[Zope-PTK] Re: PTK security

[Shane Hathaway]

Paul Everitt wrote:
> If the content really wants to live outside the Member's area, just let
> them go to the right place and put it there.  (Note that, contrary to
> popular opinion, the PTK doesn't require content to live in the Member
> area.  The next version of the PTK will put the overlooked hyperlinks in
> the interface to let someone work in any folder they have permission to
> work in.)

True.

> I think the idea of magically transporting an object from one ID (URL)
> to another is bad in quite a number of ways.

It was never meant to be magical; the UI could make the operation quite
clear.  We decided to punt on this issue and go back to the way it
worked before.  But we left the functionality in there so that a
portal_workflow object could move objects if needed.

Another possible way to solve this would be with permission mappings. 
It's too bad they're so difficult to use.

Shane