On Sep 6, 2006, at 12:35 PM, Chris Miner wrote:
Am Mittwoch, 6. September 2006 11:40 schrieb John Mettraux:
Hi Philipp,
On 9/6/06, Philipp Bracher <[email protected]> wrote:
Future solutions
----------------
A) We store the workitems in the magnolia way (same structure as
paragraphs) this allows to use the dialogs to manipulate them
(currently they are stored unfortunately as plain xml)
B) We refactore the dialogs so that they read and store from any
object (discussed here since a long time)
C) Support the solution above (deliver such a dialog and save
handler
implementation)
B is planed for 3.5 and A) would be wise anyway. C) could get
done if
you help to implement it
Nicolas & John: what do you think about A) should we enforce that? I
think there are other use-cases where we would like to have that
I'd love A) if workitems were stored "à la JCR" i.e. not relying on
any Magnolia layer. I think there are no counter-indications, aren't
they ?
Wouldn't direct access using the JCR api lead to bypassing all the
access
controls built into the Magnolia layer?
This is true. I think it is OK for the wf-engine to bypass the
security. The question is how we handle the the security in the
inbox. It is very difficult to define general rules. Are the acl
relied to the content (for example the activated page) used or do we
pass permissions to the wf repository itself. But how would you
define acls if you like to go beyond giving general read or write
access. There is now human readable hierarchy for that.
Therefore I think we need to handle this in the inbox by some rules.
They should base on the tied content in my opinion.
Philipp Bracher
----------------------------------------------------------------
for list details see
http://www.magnolia.info/en/magnolia/developer.html
----------------------------------------------------------------
