Introduction to collective.local.* packages at the Plone Open Garden 2013
1 like2,150 views
The document discusses Plone workspace packages that allow for delegated user and group management. The collective.local.adduser and collective.local.addgroup packages allow workspace managers to locally create users and groups without involving the site administrator. This provides a more streamlined process for managing access within workspaces that have many members. The packages add functionality to folders without requiring new content types or roles, making them flexible and minimally invasive additions to Plone.
Introduction to collective.local.* packages at the Plone Open Garden 2013
- 1. collective.local.* packages Light components for user management delegation Thomas Desvenain (Ecr辿all),PLOG 2013 thomasdesvenain@ecreall.com https://github/tdesvenain
- 2. A Workspace in Plone A place where members share data with a certain level of self-management Easy to transpose into Plone: A folder where allowed users can share (and edit) contents and give rights to other people. Thomas Desvenain (Ecr辿all) 2/20 PLOG 2013 Sorrento
- 3. A Workspace in Plone Plone is good at Upload and organize contents our own way Grant users read and write access Grant sharing privileges to locally privileged users (a 束Workspace manager損 or 束Can share損 role) Providing views restricted to the content of the workspace (navigation portlet, etc) Much more Plone is not so good at: Locally delegating user management Communicate with users we share documents with Thomas Desvenain (Ecr辿all) 3/20 PLOG 2013 Sorrento
- 4. What we can do with collective.local.* products Locally delegate user creation with collective.local.adduser Delegate group management with c.l.addgroup Display workspace members listing with c.l.userlisting Send content by mail to other members with c.l.sendto Display group members in sharing table with c.l.deploygroups Having this in a set-up bundle with c.l.workspace We'll focus on collective.local.adduser and collective.local.addgroup Thomas Desvenain (Ecr辿all) 4/20 PLOG 2013 Sorrento
- 5. Technical approach Plone does almost all the job. We just need additional feature wich have to fit with any environment without altering it. No specific content type There is no Workspace, just Workspace features for folders Folder just has to provide an interface to get a feature Thomas Desvenain (Ecr辿all) 5/20 PLOG 2013 Sorrento
- 6. Technical approach Plone does almost all the job. We just need additional feature wich have to fit with any environment without altering it. No specific content type There is no Workspace, just Workspace features for folders Folder just has to provide an interface to get a feature Thomas Desvenain (Ecr辿all) 6/20 PLOG 2013 Sorrento
- 7. Technical approach No specific role Workspace managercan be a set-up of an existing role No role for Workspace member. Members are just all users with local roles No member list stored in any way Can theoretically be mixed with any other workspace system (collective.groupspaces,, collective.team...) Use existing Plone permissions as most as possible Thomas Desvenain (Ecr辿all) 7/20 PLOG 2013 Sorrento
- 8. Technical approach No dependency Each feature is entirely independent No setup No workflow or security settings (excepted in c.l.workspace) configure.zcml that setups feature for default folders minimal.zcml that sets up nothing Using Plone views as most as possible Thomas Desvenain (Ecr辿all) 8/20 PLOG 2013 Sorrento
- 9. collective.local.adduser The context: Dozens of workspaces Several new users / week One overwhelmed site administrator Trusted workspace managers Thomas Desvenain (Ecr辿all) 9/20 PLOG 2013 Sorrento
- 10. collective.local.adduser The problem: Create a user + give local access: not a fluent process Workspace manager asks Admin for user creation, Wait it is done..., Give the access, Notify the user. (When user receives the email, he has no right yet. 束This doesn't work!損) => Admin often does the whole job Thomas Desvenain (Ecr辿all) 10/20 PLOG 2013 Sorrento
- 11. collective.local.adduser Thomas Desvenain (Ecr辿all) 11/20 PLOG 2013 Sorrento
- 12. collective.local.adduser Thomas Desvenain (Ecr辿all) 12/20 PLOG 2013 Sorrento
- 13. collective.local.adduser collective.local.adduserallows a workspace manager to create user Users are created globally Roles are setup only on workspace requirements: Workspace manager locally needs 束Manage Users損 Workspace folder implements an interface collective.local.adduser.interfaces.IAddUser Thomas Desvenain (Ecr辿all) 13/20 PLOG 2013 Sorrento
- 14. collective.local.addgroup The context: Workspaces with dozens of members The problems: Sharing page turned unreadable Setting a role was critically slow (reindexObjectSecurity...) => Delegating group creation became essential Thomas Desvenain (Ecr辿all) 14/20 PLOG 2013 Sorrento
- 15. collective.local.addgroup Thomas Desvenain (Ecr辿all) 15/20 PLOG 2013 Sorrento
- 16. collective.local.addgroup Thomas Desvenain (Ecr辿all) 16/20 PLOG 2013 Sorrento
- 17. c.l.adduser + c.l.addgroup Thomas Desvenain (Ecr辿all) 17/20 PLOG 2013 Sorrento
- 18. collective.local.addgroup collective.local.addgroupallows a workspace manager to create groups Similar behaviour than collective.local.adduser requirements: Workspace manager locally needs 束Manage Users損 Workspace folder implements an interface collective.local.adduser.interfaces.IAddNewGroup Thomas Desvenain (Ecr辿all) 18/20 PLOG 2013 Sorrento
- 19. c.l.adduser + c.l.addgroup Thomas Desvenain (Ecr辿all) 19/20 PLOG 2013 Sorrento
- 20. collective.local.* Thank you for your attention thomas.desvenain@gmail.com vincent.fretin@gmail.com http://github.com/tdesvenain http://github.com/vincentfretin Thomas Desvenain (Ecr辿all) 20/20 PLOG 2013 Sorrento