[Zope-CMF] [dev] CMF 1.4 alpha

Florent Guillaume fg@nuxeo.com
26 Feb 2003 16:01:55 +0100


On Wed, 2003-02-26 at 10:11, Chris Withers wrote:
> > Existing code checks for the "View" permission (by an ugly hack using
> > Title BTW) on the type information object (TI) to mean that users are
> > allowed to view instances.
> 
> I've never understood this complaint myself. Can you explain a bit more? 
> Maybe we can fix it for 1.4?

Well, that a permission on the TI be used to control the viewability of
instances seems a bit like a hack to me (although it's not without some
logic I must admit). I'd much have preferred to have in the TI an
explicit list of roles allowed to see the instances. Same thing for
creation.

Maybe it's not too late to switch, how do people use this feature? If
nobody uses local roles on the TI or types_tool itself (ugh) to specify
who has the View permission, put simply rely on the permission->role
mapping, then transparent migration would be possible.

> > To be coherent, we could check for "Add portal Content" on the TI to
> > mean that users are allowed to create instances. No need to add a new
> > permission.
> 
> Good call! Why didn't we think of using that permission...
> 
> > As the UI can easily check permissions (folder_contents does it
> > already), I think 2. is covered also.
> 
> Well, if the bug day comes, I'll definitely make this happen...
> 
> cheers,
> 
> Chris
> 
> PS: Florent, that damn news server is back in your messages again :-(

Hm sorry, it's always been there as we have no time to go patch that
system. Most of the time when I do a group reply by email there's no
problem though. I've just changed my newsreader config (trn) so that a
mail-replay will always do the correct thing (correct Cc notably), so I
don't need to use news-followup.

Florent

-- 
Florent Guillaume, Nuxeo (Paris, France)
+33 1 40 33 79 87  http://nuxeo.com  mailto:fg@nuxeo.com