Nikko Wolf wrote at 2005-6-7 14:25 -0600: > ... >- The primary purpose for the site's existence is to manage some > content files (text/ml) and allow a workflow process on those. > The workflow will likely change and hopefully will have minimal > programming changes when it does.
Look for "DCWorkflow" (distributed together with Plone) >- Users will have one of several roles: Author, Reviewer (of > which there are currently two types), and Editor. No problem... >- I do not want ANY access by unauthorized users. Obviously they > must be able to reach a login page, and get instructions on how > to request an account, password reset, etc. Put all content in a subfolder of your site and remove "View" and "Access contents information" from "Anonymous". >- Here's the complication -- each file will have potentially > multiple versions in process at once. Each version of a file > may have a different state, and I'd like to have a history of > all changes to each version as they go through the workflow. Indeed, a bit more complex. I would model a "file" as a folder like structure containing the various versions and give it the "right" behaviour. >- Once a file/version is submitted for review, any of the reviewers > may work on it, it is not necessary that one role preceded the other, > but it is required that a user in each role approve the file. What does that mean? Do you have "technical reviewer", "style revierwer", "aestetic reviewer", ... and require that at least one from each role approves? I do not think that you will find an out of the box solution for something like this. But, it is implementable with DCWorkflow... > ... >- We need to have good automated backup solution for the content > (as in mirroring the content on another host). There is a commercial Zope.com solution. We use mirrowed disks and a high availablity cluster. > ... >=============== >So my questions are: >0) Is DCWorkflow and a new Product [document type(s)] the way to go? I think so... >4) How does one secure a Zope+Plone site? One uses HTTPS and standard authentication. One tells the users that good passwords are essential. One does not store clear text password. -- Dieter _______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )