[Zope3-dev] Initial thoughts on the Zope3 security framework

John D. Heintz jheintz@isogen.com
10 Dec 2001 18:15:03 -0600


This reminds me very much of some versioning-web ideas that I've been
involved in.  Briefly, some versioned resource exists and is managed in
one place while the hierarchy of Zope folders can refer to specific or
logical versions of that resource.

As a quick example I'll use RCS and the standard draft-public workflow. 
This example is good, but doesn't address multi-document versioning and
state changes - I've got some ideas for those but am trying to finish a
paper and get it on our web site soon to really describe them.

The example:
1) In my private folders (or my group's folders for shared authoring) I
create a Versioned document (company logo), and for this example name
the HEAD branch "Draft".  

2) I make some number of changes, and save some of those changes as
permanent versions.

3) Finally, I decide that I like what I've done enough to publish it. 

4) I promote (not a good name, but I hope intuitive) this versioned
document to some publicly visible folder and:
  a) either acquire or set some visibility permissions
  b) choose to promote this on a branch "Public"
This has the effect that my RCS file now has a branch tag "Public" with
the latest version on it.

5) I can make many more changes to my document locally without affecting
the visibility of the "Public" version.

6) Some time later I choose to promote that current "Draft" version to
"Public".  This results in the publicly visible version now showing
newer content, and the RCS file has another version on the "Public"
branch.

Some things that I think are important here:
- Step 1: Versioned documents may be available for shared edit.  Kind of
a shared sandbox.
- Step 2: Even though many changes may be made to the versioned
document, not all of them need to be committed.
- Step 4: The same version (at this step anyway) shows up at two places
in the Zope navigation.  This has interesting path, id, and security
implications.


John

On Mon, 2001-12-10 at 17:42, Martijn Faassen wrote:
> Paul Everitt wrote:
> [snip]
> > Hmm, this reminds me of something from the versioning proposal.  In 
> > versioning, the same logical piece of content might appear in multiple 
> > places in the tree.  A placeless repository manages the authoritative 
> > version.
> 
> Why not one place being the authoritative place? I mean, that's definitely
> a use case as well. Imagine you have several publications online, 
> including one legal publication. All publications quote the legal
> publications, which is the authoritative one. People with permissions to
> edit that place may edit it, others may only refer to it.
> 
> > With this in mind, allowing security information to apply once to a 
> logical piece of content, even if it's placeful in multiple places, seems 
> > kind of intriguing.
> 
> But not always what you want, as the previous example shows, I think
> 
> Regards,
> 
> Martijn
> 
> 
-- 
John D. Heintz | Senior Engineer

1016 La Posada Dr. | Suite 240 | Austin TX 78752
T 512.380.0347 | jheintz@isogen.com

http://www.isogen.com
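
Added example, not part of the original message and not Zope or RCS code: a toy Python model of the Draft/Public promotion steps above, with view permissions attached to each place rather than to the logical document. All class, method and user names are hypothetical.

```python
# Toy model (assumption): one placeless versioned document, referenced from
# folder entries that each carry their own set of permitted viewers.
class VersionedDoc:
    """Placeless store: every permanent version plus named branch tags."""
    def __init__(self, content):
        self.versions = [content]        # permanent versions, oldest first
        self.branches = {"Draft": 0}     # branch name -> index into versions
        self.working = content           # uncommitted edits (step 2)

    def edit(self, content):
        self.working = content           # not every change is committed

    def commit(self):
        self.versions.append(self.working)
        self.branches["Draft"] = len(self.versions) - 1

    def promote(self, branch="Public"):
        # Steps 4 and 6: tag the current Draft version on another branch.
        self.branches[branch] = self.branches["Draft"]

    def resolve(self, branch):
        return self.versions[self.branches[branch]]

class Place:
    """A folder entry: refers to (doc, branch) and holds its own viewers."""
    def __init__(self, doc, branch, viewers):
        self.doc, self.branch, self.viewers = doc, branch, set(viewers)

    def view(self, user):
        # The check is made per place, not per logical document.
        if user not in self.viewers:
            raise PermissionError(f"{user} may not view this place")
        return self.doc.resolve(self.branch)

def demo():
    logo = VersionedDoc("logo v1")                       # step 1
    private = Place(logo, "Draft", viewers={"john"})
    logo.edit("logo v2")
    logo.commit()                                        # steps 2-3
    logo.promote("Public")                               # step 4
    public = Place(logo, "Public", viewers={"john", "anonymous"})
    same_at_step4 = private.view("john") == public.view("anonymous")
    logo.edit("logo v3")
    logo.commit()                                        # step 5
    after_step5 = (private.view("john"), public.view("anonymous"))
    logo.promote("Public")                               # step 6
    return same_at_step4, after_step5, public.view("anonymous")
```

At step 4 both places resolve to the same version while enforcing different viewer sets, which is the path and security question raised under "Step 4" above.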