[Zope-CMF] Multiple author and reviewer roles in Zope CMF

Tres Seaver tseaver@zope.com
12 Feb 2003 18:41:16 -0500

On Wed, 2003-02-12 at 16:51, David Cain wrote:
> I would like to apply Zope CMF to our organization which is made up of
> numerous departments.  Each department has one or more managers
> (reviewers) and content providers.  Also, some managers cross
> departments, as well as content providers.
> I am doing this by creating only one role for Reviewer, another for
> Author and so on. In my user folder, I don't give any of these roles to
> my users. I go to the Security tab of the folder where I want to grant,
> say, user Fred, role Reviewer, click on "local roles", and make such a
> change.
> One thing I am seeing is new reviewers to a folder don't automatically
> see all documents pending review.  Example:
> Fred is a reviewer for the freddept/ folder which has 2 pending
> documents for review.
> Joe is a reviewer for the joedept/ folder 
> If Joe is now assigned to be reviewer for the freddept/ folder then Joe
> doesn't see pending documents for review.  Authors who have authored
> content in the freddept/ folder must retract and resubmit their content
> in order for Joe to see it.  
> Any ideas on ways around this, or is there an easier approach?

Hmm, I think that Florent Guillaume modified the skins / code which
change local roles to cause all content 

>From CHANGES.txt for CMF-1.3b2 (2002/07/07):

    - Made the security-related indexes of the portal catalog be updated
      for all impacted objects whenever local roles are changed (Tracker
       #494). This feature makes use of the 'path' index.

Can you confirm that you are seeing this problem on a version later than
that?  The 'setLocalRoles' method of the CMFCore membership tool does

    def setLocalRoles( self, obj, member_ids, member_role, reindex=1 ):
        """ Set local roles on an item """
        member = self.getAuthenticatedMember()
        my_roles = member.getRolesInContext( obj )

        if 'Manager' in my_roles or member_role in my_roles:
            for member_id in member_ids:
                roles = list(obj.get_local_roles_for_userid(
                               userid=member_id ))

                if member_role not in roles:
                    roles.append( member_role )
                    obj.manage_setLocalRoles( member_id, roles )

        if reindex:
            # It is assumed that all objects have the method
            # reindexObjectSecurity, which is in CMFCatalogAware and
            # thus PortalContent and PortalFolder.

Is it possible that you customized the skins which call this method, and
pass 'reindex=0' to it?

Tres Seaver                                tseaver@zope.com
Zope Corporation      "Zope Dealers"       http://www.zope.com