You are not logged in Log in Join
You are here: Home » Members » ingeniweb » Group User Folder » README-plone
Log in
Name

Password

 
Link icon Forgot your password?
Print

README-plone

HOW TO USE THE GRUF WITH CMF/PLONE ?

ABSTRACT

Right out of the box, there is no reason why the GRUF shouldn't work with Plone... except the following facts :

  • Membership and Memberdata tools are not (yet ?) supported by the GRUF. We didn't find a generic enough way to do so by now.
  • The goal of GRUF within CMF is to allow using LocalRoles with Groups. But CMF/Plone, within skins, don't list ALL users but only the users registered in MemberData tool. As GRUF doesn't support MemberData, guess what happens...

SOLUTIONS

There are several ways to pass around those problems.

Once you're done with your Plone site creation (which is beyond the scope of this document), do the following things (they apply for both CMF and Plone).

IF YOU WANT TO KEEP YOUR EXISTING SET OF USERS...

  • Cut (not Copy) your CMF acl_users to a safe place (Examples Folder is right for this).
  • In your CMF root, instanciate a GRUF object. AT THIS POINT, DON'T EVEN TRY TO TEST YOUR CMF ! No users will be declared and there might be side effects with Member-related tools.
  • Cut or Copy your saved acl_users to GRUF/Users.

IF YOU DO NOT HAVE AN EXISTING SET OF USERS...

  • Delete the acl_users of your plone installation.
  • In your CMF root, instanciate a GRUF object. AT THIS POINT, DON'T EVEN TRY TO TEST YOUR CMF ! No users will be declared and there might be side effects with Member-related tools.
  • Create a UserFolder (Standard UserFolder, LDAPUserFolder, SimpleUserFolder or whatever) in your GRUF/Users. DO NOT CREATE USERS NOW. You will do so using the standard Plone interface ("join" link)

...THEN...

  • Create a UserFolder (Standard UserFolder, LDAPUserFolder, SimpleUserFolder or whatever) in your GRUF/Groups. Then you can create your groups now.
  • Go and set, within your GRUF/Users/acl_users, roles to your Users matching the groups you want them to belong to.

And then it works : you have the correct group behaviour with CMF. Be aware that Groups cannot be easily added to the system at this point ! Furthermore, it depends of your GRUF/Users/acl_users wether it's possible or not to "remotely" add users to your database (LDAP or SQL using external tools) and have them listed in Membership anyway. This is out of our scope by now.

The last trick is about Local Roles support. CMF/Plone always get users by fetching the Membership tool information. But even if your GRUF/Users/acl_users support "remote" user adding and your Membership tool support this, be aware that your GROUPS will not (and SHOULD NOT) be added to your Membership information. So if you want to add Local Roles to GROUPS, you have to edit the skin so that it finds users elsewhere. We provide a simple Plone implementation below.

And now, you can happily user Users and Groups without breaking your existing authentication rules (ie. without dropping your former acl_users)

BUGS / LIMITATIONS

Group appending is not supported (may not ever be) outside the ZMI

Local Roles management for groups need skin update (we didn't find a way to avoid this and it seems to be difficult to imagine adding a concept in a thing that doesn't support it by default).

SKIN UPDATE

Here is the modification you must apply to the skin. This is for PLONE only (because of the skin structure) but it is the same principle for CMF.

I tagged the modifications with HTML comments so that you can easily see them.

Skin you must customize : plone_forms/folder_localrole_form

Here it is: 

        <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
         "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

        <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en-US"
              lang="en-US"
              metal:use-macro="here/main_template/macros/master"
              i18n:domain="plone">

        <body>

        <!-- START MODIF PJG -->

          <div metal:fill-slot="main"
               tal:define="join python:modules['string'].join;
                           Iterator python:modules['Products.CMFPlone'].IndexIterator;
                           tabindex python:Iterator();
                           group_submit request/group_submit|nothing;
                           search_submitted request/role_submit|nothing;
                           search_results python:test(search_submitted, here.portal_membership.searchMembers( search_param=request.get('search_param','')
                                                                                                            , search_term=request.get('search_term', '') ), None);"
               >

        <!-- END MODIF PJG -->

            <metal:block tal:condition="python:test(search_submitted and not search_results, 1, 0)">
                            <h1 i18n:translate="heading_search_results">Search results</h1>
                            <p i18n:translate="no_members_found">No members were found using your <strong>Search Criteria</strong></p>
                            <hr />
            </metal:block>

            <metal:block tal:condition="python:test(search_submitted and search_results, 1, 0)">

                            <h1 i18n:translate="heading_search_results">Search results</h1>

                            <p i18n:translate="description_localrole_select_member">Select one or more Members, and a role to assign.</p>

                      <form class="group"
                      method="post" 
                      name="change_type" 
                      action="folder_localrole_edit"
                      tal:attributes="action string:${here/absolute_url}/folder_localrole_edit" >

                    <span class="legend" i18n:translate="legend_available_members">Available Members</span>

                    <input type="hidden" name="change_type" value="add" />

                            <span class="card" tal:repeat="member search_results">

                                <img src="defaultUser.gif" alt="Blank picture" border="0" width="75" height="100"
                                     tal:attributes="src python:here.portal_membership.getPersonalPortrait(member['username']).absolute_url()" />

                                <br />

                                                <input class="noborder" 
                                       type="checkbox"
                                       name="member_ids:list" 
                                       value=""
                                       tabindex=""
                                       tal:attributes="value member/username;
                                                       tabindex tabindex/next;"
                               />
                                                <br />

                                                <strong tal:condition="python:member['username']"
                                tal:content="python:member['username']">
                                                username
                                                </strong>

                                                <br />

                                                <span tal:condition="python:member['email']"
                                      tal:replace="python:member['email']">
                                                email
                                                </span>

Role to assign

Available groups

Select one or more Groups, and a role to assign.

Available Groups

Blank picture



username

Role to assign

Assign local roles to folder title

A local role is a way of allowing other users into some or all of your folders. These users can edit items, publish them - et cetera, depending on what permissions you give them.


Local roles are ideal in cooperation projects, and as every item has a history and an undo option, it's easy to keep track of the changes.


To give a person a local role in this folder, just search for the person's name or email address in the form below, and you will be presented with a page that will show you the options available.

Search Terms

Search by

Search Term

View groups

Groups are a convenient way to assign a set of roles to a common set of users. It is the best way to create a user aggragation

Currently assigned local roles in folder title

These users currently have local roles assigned in this folder:

Assigned Roles title

[0])" tal:omit-tag="not: member_url" tal:attributes="href member_url"> Blank picture[0]).absolute_url()" />

[0]!=username" tal:attributes="value python:lrole[0]; tabindex tabindex/next" />


[0]"> sequence-key;


Role(s):


[1], , )"> _.string.join( _['sequence-item'], , )

Copyright (c) 2011 Zope Foundation. All rights reserved. Legal | Contact
If you can read this text, it means you are not experiencing the Plone design at its best. Plone makes heavy use of CSS, which means it is accessible to any internet browser, but the design needs a standards-compliant browser to look like we intended it. Just so you know ;)