2025 Python Packaging Survey is now live!  Take the survey now

workflow and security settings for Plone

Navigation

Verified details

These details have been verified by PyPI
Owner
Maintainers
Avatar for davisagli from gravatar.com davisagli Avatar for esteele from gravatar.com esteele Avatar for evilbungle from gravatar.com evilbungle Avatar for hannosch from gravatar.com hannosch Avatar for optilude from gravatar.com optilude Avatar for timo from gravatar.com timo Avatar for wichert from gravatar.com wichert

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: GNU General Public License (GPL) (GPL)
  • Author: Martin Aspeli
Classifiers
Report project as malware

Project description

Introduction

plone.app.workflow contains workflow- and security-related features for Plone, including the sharing view.

It also supports the sharing.xml GenericSetup syntax, to add new roles to the “Sharing” page.:

<sharing xmlns:i18n="http://xml.zope.org/namespaces/i18n" i18n:domain="plone">
    <role
        id="CopyEditor"
        title="Can edit copy"
        permission="Manage portal"
        i18n:attributes="title"
        />
</sharing>

Changelog

2.0b1 - 2010-02-18

2.0a3 - 2009-12-27

  • Add support for GenericSetup roles removal in sharing.xml. This closes http://dev.plone.org/plone/ticket/9979. [dukebody, thanks optilude]

  • Use zope.site and declare missing package dependencies. [hannosch]

2.0a2 - 2009-12-16

  • Changed msgid box_search to label_search in sharing.pt. box_search have a different semantic in the header for the rendered search portlet. This closes http://dev.plone.org/plone/ticket/9752

  • Don’t include <q> tag in heading_currently_assigned_shares message. [vincentfretin]

2.0a1 - 2009-11-14

  • Specify complete package dependencies and some cleanups. [hannosch]

  • Changed default message from “User/Group” to “Name” for label_name msgid in sharing.pt. [vincentfretin]

  • Added support for the sharing.xml import/export syntax. [optilude]

1.2 - 2009-05-10

  • Use our own PloneMessageFactory. [hannosch]

  • Fixed deprecation warnings for use of Globals. [hannosch]

  • Specified package dependencies. [hannosch]

  • Display the userid in addition to the fullname if they are different. Fixes http://dev.plone.org/plone/ticket/8251. [csenger]

  • Adjusted a test to work with Zope 2.12. [hannosch]

  • Use safe_unicode() instead of str() to fix #7576. Fixes http://dev.plone.org/plone/ticket/8371. [csenger]

1.1.5 - August 18th, 2008

  • Correct UnicodeDecodeError in sharing-view when users or groups with non-ascii characters are searched. All parameters fetched from the request are strings, but _(u’Logged-in users’) isn’t. A string with non-ascii characters and a unicode-string can’t be joined. Fixes http://dev.plone.org/plone/ticket/7576 [csenger]

1.1.4 - July 24, 2008

  • Keep the icons for inherited and global roles when updating the sharing page after a search. This fixes http://dev.plone.org/plone/ticket/8313 . [wichert]

  • Sort the principals in the sharing page. Before they could reorder randomly when saving changes. [wichert]

  • Fix a logic error in sharing page view: role changes would appear to be lost when saving a view, while the were really applied. This fixes http://dev.plone.org/plone/ticket/8295 . [wichert]

1.1.3 - July 7th, 2008

  • Modify the inline (kss) search option in the sharing page to only search and not update the roles and search. This behaviour was unintuitive and possible very very slow. [wichert]

  • Update the sharing page to do nothing if the new set of roles is the same as the current set of roles. [wichert]

  • Update sharing code to only reindex once instead of twice. [wichert]

  • Only call reindexObjectSecurity from the sharing tab’s update_inherit method if the setting actually changed. This avoids an unnecessary, potentially expensive catalog reindex in many cases. [davisagli]

  • Update the search-result merging code based on the code from PlonePAS 3.6. [wichert]

  • Handle principals which can not be retrieved. This can occur in LDAP environments. [wichert]

  • Mark the security names as public so they can be imported everywhere and register them with Zope on startup so you can manage them via the ZMI or a GenericSetup profile. [wichert]

1.1.0 - April 21, 2008

  • Protect the “sharing” form against CSRF attacks. [witsch]

1.0.7 - March 9, 2008

  • Created fine-grained permissions for delegating sharing page roles in order to avoid people with a delegated permission escalating their own privileges. This can now be controlled at a high level by the “Sharing page: Delegate roles” permission, which controls access to the Sharing page machinery, and at an individual roles basis, with permissions like “Sharing page: Delegate Editor role”. http://dev.plone.org/plone/ticket/7652

  • Stopped people from locking themselves out by disabling the ability to edit their own roles.

  • Added friendly “Changes saved” message. http://dev.plone.org/plone/ticket/6966

  • user_search_results() now searches in login name as well as fullname. Fixes http://dev.plone.org/plone/ticket/6853 [erikrose]

  • Factored up the duplicated logic from user_search_results() and group_search_results() to form _principal_search_results(). [erikrose]

0.1

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page