[Zope-CMF] Proposed default workflow policy change

seb bacon seb@jamkit.com
Tue, 1 May 2001 20:16:21 +0100


* Shane Hathaway <shane@digicool.com> [010501 20:08]:
> I think the default workflow policy has generated a fair amount of
> confusion among CMF users.  Part of the policy is that new objects are
> not accessible by anyone but the creator and reviewers.  Items have to
> be published before they are accessible in any way.
> 
> I would like to propose we change this policy slightly.  One goal was to
> prevent random users from uploading random content that is immediately
> visible, which can be a security hazard. But this goal may be misguided
> because we're not talking about random users.  Presumably anyone who is
> a member has some degree of trust.  Sites where anyone can create a free
> account usually verify the user's email address in some way, thus
> establishing minimal trust. There are other measures that can be taken
> to establish trust.  

I'm not entirely clear what the hypothetical situation which the
CMFDefault addresses is.  I presume it's grown out of the zope.org
workflow, but I have to say, I find that pretty unintuitive, too.  

If we assume a member has a degree of trust, might it not make just as
much sense for all 'private' documents to be viewable by all other
members?  The scenario which it addresses, which may be more instantly
recognisable by CMF developers, would be one where members have
collective responsibility for the content on a website, but
administrators have the final say over what goes 'live'.  Therefore
the whole publishing thing is geared around making content available
to anonymous users, and the only security constraint for members is
that only owners can edit content.

Just another idea, really.  But I think whatever is decided, the use
case scenario which the CMF is addressing should be made pretty clear
somewhere - that would help clear up confusion much more than trying
to second guess what users are expecting.

cheers,

seb