[Openflow-dev] Re: Bug report for openflow 1.0.6

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Hello again,

let me reply inline:

On Friday 18 April 2003 12:11, Soren Roug wrote:
> On Friday 18 April 2003 11:39, Daniele wrote:
> > 1) in the applications I realize with OF adding properties is something I
> > do to instances any time, not only upon their creation. Usually the roles
> > I create for users do have the manage_properties permission to be able to
> > create del and change properties. Nevertheless your proposal is
> > definitely on-target: it's bothersome having to remember to add this
> > permission to the users' role.
>
> I am concerned about side-effects to other objects if a clueless
> zopeadministrator just gives manage_properties to Authenticated-role at the
> toplevel.

I usually don't give this permission at my application top-level. Usually I 
give this permission to appropriate users only on the OpenFlow object.

This allows for managing properties on the instances while leaving the 
outside application untouched.

> > What if I overload the manage_addProperty, manage_changeProperties and
> > manage_delProperties methods leaving them unchanged but protected by "Use
> > OpenFlow" permission (extending your feature request #2)?
>
> Sound OK to me. I'm not sure if manage_addProperty actually is protected
> with "Manage properties".

Yes it is.

> > On the other hand I often use the process instance as a container for
> > custom objects (instances of custom products) that I implement the way I
> > most like, allowing them to use whatever method (protected in whatever
> > way I prefer). This means that often properties are recorded on these
> > objects rather than on the instance itself. This allows for a finer
> > grained permission handling for you user roles. But this solving of the
> > issue requires you to build your custom product, and this is bothersome
> > anyway, for as simple you make it.
>
> I was thinking of putting files and images there. Haven't though about
> custom objects yet.

Oh, ok. Remember giving your user roles the "Add Documents, Images, and 
Files" permission. Again, a good place for this permission is the OpenFlow 
object, so that users can add those objects to a process instance.

> > 2) reply to feature 2 is included in the solution above, I guess.
> >
> >
> > Thanks a lot for your effort in making OpenFlow more usable,
> > 	Daniele =)
> >
> > PS: did you subscribe to the openflow-dev mailing list? It's at:
> > http://lists.sourceforge.net/lists/listinfo/openflow-dev
>
> Didn't know it existed until now.

Now you know =)

> I still have problems with the "View management screens" permission. I hope
> you consider rewriting History.zpt into DTML.

Yes I'm considering it, but I'll try figure out a possible different solution 
since a like PageTemplates much better than DTML. Anybody can help?

Anyway probably this will be scheduled after some more urgent work.

> I might be able to contribute some developer resources to this, but we'll
> have to evaluate the product further at EEA first. Everybody is on Easter
> vacation so it will take a while.
>
> Soren Roug

Sure. I hope you'll want to use the product. =)

	Daniele =)

-- 
Daniele Tarini - Research & Development - Icube S.r.l.
Address:        Via Ridolfi 15 - 56124 Pisa (PI), Italy
E-mail: d.t...@ic...     Web:    http://www.icube.it
Phone:  (+39) 050 97 02 07      Fax:    (+39) 050 31 36 588