[Zope-CMF] [Bug] Publication workflow ineffective

Florent Guillaume fg@nuxeo.com
Wed, 20 Mar 2002 16:53:14 +0000 (UTC) 

>  > I consider that behaviour normal, the standard way to search a document
>  > in CMF is to search on review_state='published', which eliminates
>  > documents in the 'visible' state.
> This is not the case in my CVS version of CMF (from end of January).

Right, I'm biased by all the customization I make.

The thing is, allowedRolesAndUsers is there for one fundamental purpose:
that the catalog shouldn't return objects which the user won't be able
to see anyway.

You want to add to its semantics to make it deal with searchability. I
don't think that's needed or wanted.

I think a solution to you problem would be to add a workflow variable
called "Searchable", which would be set only if in the "published"
state, and which you would require when doing searches. That way you
aren't tied to the specific "review_state" variable.

Florent


> 
> And I do not think, it should be that way:
> 
>   *  Reviewers, Managers and the document owner should still be
>      able to find non-published objects through a search
>      (as was the case, before the "visible" introduction)
> 
>   *  tying catalog searches to the "review_state" would make it more
>      difficult to integrate additional workflows with CMF.  
> 
>  > Dieter Maurer  <dieter@handshake.de> wrote:
>  > > I just encountered a problem that has already been addressed in the mailing
>  > > list several times:
>  > > 
>  > >   Using DCWorkflow "CMF default workflow [Revision 2]" the publication
>  > >   workflow is ineffective, as all "visible" content is also globally
>  > >   searchable, i.e. published.
>  > > 
>  > > I think, this is due to the fact, that searchability is
>  > > controlled by "allowedRolesAndUsers" which in turn depends
>  > > on the "View" permission, and that the "visible" state has
>  > > to grant "View" to "Anonymous" in order to make this document
>  > > visible. But, this, too, makes it searchable.
>  > > 
>  > > The best solution, I see at the moment, would be to introduce
>  > > a new permission "Search" used by "allowedRolesAndUsers"
>  > > while "View" controls individual viewing.
>  > > 
>  > > Of course, this would not be nice, as "Search" should usually be
>  > > stricter than "View" and will often be identical to "View".
>  > > Are there better ideas?
-- 
Florent Guillaume, Nuxeo (Paris, France)
+33 1 40 33 79 10  http://nuxeo.com  mailto:fg@nuxeo.com