introduction to collective.local.* packages at the plone open garden 2013
TRANSCRIPT
collective.local.* packagesLight components for user
management delegation
Thomas Desvenain (Ecréall),PLOG [email protected]
https://github/tdesvenain
A Workspace in Plone
A place where members share data with a certain level of self-management
Easy to transpose into Plone:
A folder where allowed users can share (and edit) contents and give rights to other people.
Thomas Desvenain (Ecréall) 2/20 PLOG 2013 Sorrento
A Workspace in PlonePlone is good at
➢ Upload and organize contents our own way➢ Grant users read and write access➢ Grant sharing privileges to locally privileged users (a
« Workspace manager » or « Can share » role)➢ Providing views restricted to the content of the
workspace (navigation portlet, etc)➢ Much more
Plone is not so good at:➢ Locally delegating user management➢ Communicate with users we share documents with
Thomas Desvenain (Ecréall) 3/20 PLOG 2013 Sorrento
What we can do with collective.local.* products
➢ Locally delegate user creation with collective.local.adduser➢ Delegate group management with c.l.addgroup➢ Display workspace members listing with c.l.userlisting ➢ Send content by mail to other members with c.l.sendto➢ Display group members in sharing table with c.l.deploygroups➢ Having this in a set-up bundle with c.l.workspace
We'll focus on collective.local.adduser and collective.local.addgroup
Thomas Desvenain (Ecréall) 4/20 PLOG 2013 Sorrento
Technical approach
Plone does almost all the job. We just need additional feature wich have to fit with any environment without altering it.
No specific content type➢ There is no Workspace, just Workspace features for
folders➢ Folder just has to provide an interface to get a feature
Thomas Desvenain (Ecréall) 5/20 PLOG 2013 Sorrento
Technical approach
Plone does almost all the job. We just need additional feature wich have to fit with any environment without altering it.
No specific content type➢ There is no Workspace, just Workspace features for
folders➢ Folder just has to provide an interface to get a feature
Thomas Desvenain (Ecréall) 6/20 PLOG 2013 Sorrento
Technical approach
No specific role➢ Workspace manager can be a set-up of an existing role➢ No role for Workspace member.
Members are just all users with local roles➢ No member list stored in any way➢ Can theoretically be mixed with any other workspace
system (collective.groupspaces,, collective.team...)Use existing Plone permissions as most as possible
Thomas Desvenain (Ecréall) 7/20 PLOG 2013 Sorrento
Technical approach
No dependency➢ Each feature is entirely independent
No setup➢ No workflow or security settings (excepted in
c.l.workspace)➢ configure.zcml that setups feature for default folders➢ minimal.zcml that sets up nothing
Using Plone views as most as possible
Thomas Desvenain (Ecréall) 8/20 PLOG 2013 Sorrento
collective. local.adduser
The context:➢ Dozens of workspaces➢ Several new users / week➢ One overwhelmed site administrator➢ Trusted workspace managers
Thomas Desvenain (Ecréall) 9/20 PLOG 2013 Sorrento
collective. local.adduser
The problem:Create a user + give local access: not a fluent process
➢ Workspace manager asks Admin for user creation,➢ Wait it is done...,➢ Give the access,➢ Notify the user.
(When user receives the email, he has no right yet. « This doesn't work ! »)
=> Admin often does the whole job
Thomas Desvenain (Ecréall) 10/20 PLOG 2013 Sorrento
collective. local.adduser
Thomas Desvenain (Ecréall) 11/20 PLOG 2013 Sorrento
collective. local.adduser
Thomas Desvenain (Ecréall) 12/20 PLOG 2013 Sorrento
collective. local.adduser
collective.local.adduser allows a workspace manager to create user➢ Users are created globally➢ Roles are setup only on workspace
requirements:➢ Workspace manager locally needs « Manage Users »➢ Workspace folder implements an interface collective.local.adduser.interfaces.IAddUser
Thomas Desvenain (Ecréall) 13/20 PLOG 2013 Sorrento
collective.local.addgroup
The context:➢ Workspaces with dozens of members
The problems:➢ Sharing page turned unreadable➢ Setting a role was critically slow
(reindexObjectSecurity...)
=> Delegating group creation became essential
Thomas Desvenain (Ecréall) 14/20 PLOG 2013 Sorrento
collective.local.addgroup
Thomas Desvenain (Ecréall) 15/20 PLOG 2013 Sorrento
collective.local.addgroup
Thomas Desvenain (Ecréall) 16/20 PLOG 2013 Sorrento
c.l.adduser + c. l.addgroup
Thomas Desvenain (Ecréall) 17/20 PLOG 2013 Sorrento
collective.local.addgroup
collective.local.addgroup allows a workspace manager to create groups➢ Similar behaviour than collective.local.adduser
requirements:➢ Workspace manager locally needs « Manage Users »➢ Workspace folder implements an interface collective.local.adduser.interfaces.IAddNewGroup
Thomas Desvenain (Ecréall) 18/20 PLOG 2013 Sorrento
c.l.adduser + c. l.addgroup
Thomas Desvenain (Ecréall) 19/20 PLOG 2013 Sorrento
collective.local.*
Thank you for your attention
[email protected]@gmail.com
http://github.com/tdesvenainhttp://github.com/vincentfretin
Thomas Desvenain (Ecréall) 20/20 PLOG 2013 Sorrento