Skip to content


Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Fetching contributors…

Cannot retrieve contributors at this time

119 lines (76 sloc) 3.9 kb
- Allow folder contents UI ("Contents" tab) sorting by name and by type.
- Create object map management UI (view relationships, view paths, view
- Create workflow management UI.
- Import/export from folder contents view.
- Add Undo tab to Site (or per folder?) which will allow admins to undo recent
transactions. Implied: add transaction notes to all transactions.
- Stamp created objects with creator information?
- Stamp created objects with created date info?
- Allow services to be added to services folder via add view UIs.
- Allow indexes to be added-to/removed-from catalog service.
- Allow reordering of resources in folder contents view when the folder is
- Substance D ACLs contain object identifiers which refer to principals.
Currently, when a principal is deleted, ACLs which refer to the principal
are not adjusted. This is both a security issue and a sanity issue. The
object id of a deleted principal is put back into the set of object ids
that are grantable to future objects. As a result, some other principal
may wind up with an object id that used to belong to a deleted principal,
and he may inappropriately be granted access due to stale ACLs that
possesses that object id. Or some other object that is not a principal
might wind up with that object id, and undefined things will happen.
Here's what would be nice: when an ACL is changed or added, using the
object map, form relationships between the principal objects it names and
the ACL-bearing object. When a principal is deleted, change the ACL of all
such-related objects so that the deleted principal id in the ACL is
replaced by an unobtainable object id.
Note that a variant of this bug/feature has existed in Zope for 13 years,
and it hasn't seemed to have raised much ire, but it always bugged me.
- Add a change_acl API that sends an event when an ACL is changed.
- Decide whether to split "manage contents" permissions out for folders into
add, delete, rename.
- ACL edit view currently retatalogs an object based on the presence or
absence of an "allowed" index. This is wrong.
- Emit an ObjectMoving event rather than removed event with a moving flag,
then an add event?
- Undo of catalog reindex doesnt?
- Refactor ACL view.
- Add specific configurator directives for object event registrations
(e.g. config.subscribe_modified).
- __viewable__, __renameable__, __deletable__, __copyable__, __duplicatable__
attributes of contained objects in folder contents view that controls
how contained object can be acted upon? E.g.::
def __viewable__(self, context, request):
return has_permission('sdi.view', context, request)
- Fix ``Batch`` such that seqlen is a maximum. Rationale: the sequence that
the batch receives may be smaller than seqlen due to hidden objects in
folder contents view.
- Generalize name validator.
Nice-to-Have Features
- Drag and drop ACE reordering in ACL edit view.
- Ability to add and edit principals in existing ACEs in ACL edit view.
- Document that add_view arg to @content can be a callable (accepting
- Document that icon to @content can be a callable (accepting context/request).
- Document how to override a content registration. Include an override
example for the sole purpose of overriding the add view.
- Explain ``after_create`` meta-argument to content.
- Explain __sd_deletable__, __sd_addable__, __sd_hidden__.
- Explain event listener decorators and add_content_subscriber.
- Narrative docs for reference properties.
- Docstrings for multireference property implementations.
Probably Bad Ideas
- Create "addable here" API that manages the __sd_addable__ attribute of a
folderish object.
Jump to Line
Something went wrong with that request. Please try again.