On 4/28/05, Gregor J. Rothfuss <[EMAIL PROTECTED]> wrote:
> [EMAIL PROTECTED] wrote:
> > (Does the new "plug-in" architecture make it easier to have
> > different functionality within one publication?)
> yes, that's the main intent
Good. Then "one publication = one website" should be the guiding philosophy.
Security (users, groups, roles) is already limited to one publication.
- A "Server Admin" with access to everything is tempting. If there
are standard functions IsVisitorInRole() and IsVisitorInGroup(), they
could always return true for ServerAdmins, but there will probably be
too much custom code for that to handle all cases. Things like "If in
Group1, show this, else if in Group2, show that, else show something
different." It would probably be better if it was possible to force
the ServerAdmins into every publication, and automatically add them to
all new publications. In the beginning, the Groups may need to be
assigned manually. One ServerAdmin FileUser could be used for
multiple publications if Group names knew the publication name:
<group publication="default"> or
<publication id="default">groups</publication>
The latter is probably better, since it forces the groups for one
publication to be kept together.
Search should always be limited to one publication. My last post
suggested using a common index for multiple publications, but that can
be added later if needed.
Security for search is handled in my code. The hardcoded
configuration expects "StartOfUrlAfterLive,Group1,Group2". That
should be created from an XML config file.
I am handling security for documents in XSL. Again, I hardcoded the
configuration. It would be good to use the security config file, and
have the document display process interrupted in the sitemap. Can
this be done without requiring every publication-sitemap.xmap to check
security? Need to allow customization of the "Not Allowed" return
page."
Several threads ask about using different XSL for different content
paths. Doctype is currently the primary decision maker for choosing
XSL. Doctype should determine the "doctype2xhtml.xsl", but the
"page2xhtml-doctype.xsl" should change to "page2xhtml-pathstyle.xsl".
Once the security configuration is XML, this information could be
stored there:
<section start="/index" style="homepage"/>
<section start="/employee"><allow><group>employee</group></allow></section>
<section start="/special" style="special"/>
<section start="/*" style="default"/>
/index* uses page2xhtml-homepage.xsl
/employee documents can only be seen by visitors in the employee group.
/special uses page2xhtml-special.xsl
Everything else use page2xhtml-default.xsl
Should xslt/page2xhtml be added automatically, or should the style be
the full filename:
style = "xslt/page2xhtml-homepage.xsl"
The config should decide if:
1. The document can be displayed to this visitor. NO = content
replaced with standard page (hopefully including link to login.)
Allow return page to be overridden.
2. The document is displayed on the menus.
3. What style is used.
<section start="/path" [style="stylename" |
stylepath="/xslt/page2xhtml-mystyle.xsl"]>
<allow [visible="none|menus|sitemap"] [errorPage="loginPage" |
errorUrl="/signup.html"]>
<group>Group</group>
<role>Role<role>
</allow>
<deny>Assume all if allow exists. Same parameters and elements as allow.</deny>
</section>
My Employee section is only visible if an employee logs in, but many
sites would want the "Members" section to be visible but go to a
"Please register" page if clicked. I have other pages not appearing
in the menus because they are accessed through links in the footer of
every page, but they are on the sitemap ("Legal Terms and
Conditions").
Is there existing functionality for displaying a Sitemap? (I created my own.)
Did I miss something useful? Opinions?
solprovider
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
