[Zope-CMF] How to provide both public/private Member areas

Norbert Marrale norbert@attira.com
Fri, 01 Jun 2001 16:48:42 +0200 

Hi Mark:

Since you can create / assign multiple roles to each user, you might want 
to look into creating two different sets of permissions: based on 
companies/identity, and on the member's publishing authorization 
(member/author/reviewer/etc.)

In each member folder, a private "incoming" folder should be created 
(with a method similar to the CMF Favorites folder), where other 
(properly authorized) members can post, but not view documents.

You can then build a second CMF method which lets members create these 
private documents. Instead of being added to their own folder tree, these 
documents would instead be added to the recipient's folder. Zope stores 
the document's owner, so he/she will be able to view his own documents 
and make modifications if needed; and because of inheritance, documents 
in a particular folder can acquire a set of rights from the folder 
they're stored in (viewable/editable by the recipient). 

Maybe I'm simplifying too much, comments from the list?

Norbert

--
On the Road of Life, 
there are Tourists and there are Travelers.
I'd rather be Traveling!

Norbert Marrale
norbert@infocatch.com


-----Original Message-----
From: Mark Langkau <mlangkau@execpc.com>
To: zope-cmf@zope.org
Date: Fri, 01 Jun 2001 08:23:39 -0500
Subject: [Zope-CMF] How to provide both public/private Member areas

>[..] 
> Specifics: There will be several hundred clients, where a client is
> actually a company/business. Members of this site will be employees of
> these clients/businesses. When a Member logs in , they should see info
> specific to their company (confidential), information specific to that
> Member (confidential), and some general info of interest to the entire
> site community (regulations, best practices, site announcements, etc.).
> A major concern to us is that Members should not be able to
> accidentally
> publish or in any way post any of the confidential info to public areas
> of the site. (I guess following the workflow model would prevent that.
> Reviewers could reject requests to publish confidential info). Finally,
> info that Members DO wish to publish should only be viewable by other
> employees of that same client/business. Those postings should be owned
> by the client, not the member. In other words, if the employee/Member
> leaves his business (and maybe joins a competitor which also in on this
> site), his postings remain with the client, not the Member (because
> they
> will be about the client and will contain confidential info).
> [..]