[Zope-CMF] DCWorkflow question

Leonardo Cáceres lcaceres@compuserve.com
Fri, 1 Feb 2002 17:14:43 -0500


Florent,

Thanks for the advice, but I have another question:

I do not know how to make the publish-guard script ?

Can I put a condition in the expression guard ? 

I already have an "allowed_reviewers" variable, how do I make the
comparision with the actual user ?

Thanks for all the help,

Leonardo.


-----Original Message-----

To: zope-cmf@zope.org
From: Florent Guillaume <fg@nuxeo.com>
Subject: Re: [Zope-CMF] DCWorkflow question
Date: Thu, 31 Jan 2002 18:02:00 +0000 (UTC)
Organization: Nuxeo


Leonardo Cáceres  <lcaceres@compuserve.com> wrote:
> Suppose that I am working with news item objects but I need different 
> kinds of reviewers depending on the subject of the News Item. That 
> means, there is just one role (reviewer) but the data has to be 
> filtered depending on one of the properties that the member has.

With DCWorkflow you can add a guard to the "publish" transition that
checks if the current reviewer has the right to publish the document.

Unfortunately, meanwhile, the document will still be in the "pending"
state so the worklist will be the same for all the reviewers.

To alleviate this, you can add to the workflow an "allowed_reviewers"
variable that gets set when the object is submitted, and that gets
checked both by the publish-guard script, and on the worklist side of
the problem you simply do the catalog request yourself for objects in
the state "pending" whose allowed_reviewers variable contains the user.

> In other words the member can change the state and view the content 
> object only if one of the properties of the object equals one of the 
> properties of the user.

On the "view" side of things, that is if you want to prevent non-allowed
reviewers from *seeing* the object (by guessing its URL for instance),
you could just add a check at the beginning of the view method of your
content class that checks that, if the document is in "pending" state,
the user is an allowed reviewer, otherwise return Unauthorized.