michael nt milne wrote:
Well I said it was over and out but I have to respond to this latest post. I appreciate the help here and will be trying out some of the suggestions. Basically though, Zope permissions and security could be made a lot more usable. It's far too technically focused and this is the opinion of a few others as well. The whole ZMI interface could be put through a usability re-design to be honest and that's not even to comtemplate the security areas.

The ZMI is well known to be geeky. "For developers, by developers" might be its motto. If you have some concrete suggestions, by all means put them forth. Patches are even better.

Anyway, ACLs are ACLs. And if you don't know what you're doing, you can get into trouble real fast. Ever tried managing file security on a Windows machine with ACLs?

CMF (this includes Plone) provides a way to manage this complexity: workflow states. Each workflow has a set of permissions it manages, and a setting of these for each state. This is much more easily comprehended than infinite fiddling with the ZMI Security tab.

Also, as I recall, there was a "private plone site" howto on plone.org; dunno what happened to it.

"Building Websites with Plone"
Zope maillist  -  Zope@zope.org
**   No cross posts or HTML encoding!  **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )

Reply via email to