This document describes how plone.app.discussion handles permissions and workflows.
plone.app.discussion uses permissions and workflows to control what a user is allowed to do. It tries to use the default Plone permissions and workflow engine as much as possible.
plone.app.discussion knows two permissions to control what a user is allowed to do. The ‘Reply to item’ permission to control who is allowed to post a comment on a content object and the ‘Review comments’ permission to control who is allowed to review comments.
Permission to post a comment:
The permission to post a comment is controlled by the ‘Reply to item’ permission. By default, this permission is granted to the ‘Member’, ‘Reviewer’, and ‘Manager’ role.
Permission to review comments:
The permission to review comments is controlled by the ‘Review comments’ permission. By default, this permission is granted to the ‘Reviewer’ and ‘Manager’ role.
If you want to change the way plone.app.discussion allows users to post or review comments you can do that by changing which permissions are granted to which rules. In Plone permissions are always granted to roles, not to users directly.
For instance, if you want to allow users without the ‘Member’ role to post comments, you have to grant the ‘Reply to item’ permission to the ‘Authenticated’ role.
Or, if you don’t want to allow ‘Reviewers’ to review comments anymore, you can just remove the ‘Review comments’ permission from the ‘Reviewer’ role.
Note
For a general introduction to permissions and roles in Plone see:
http://plone.org/documentation/kb/understanding-permissions/permissions-and-roles
http://plone.org/products/dexterity/documentation/manual/developer-manual/advanced/permissions
plone.app.discussion ships with a simple one-state workflow and a review workflow for comments:
Comment Single State Workflow:
Essentially a workflow with no transitions, but it has a published state, so portlets and applications that expect that state will continue to work.
Comment Review Workflow: A simple review workflow for comments
A simple review workflow that comes with two states (pending and published) and a single transition (publish).
The ‘pending’ state is the initial state. ‘published’ is the state where the comment is visible to everyone and non-editable.
The ‘publish’ transition is protected by the ‘Review comments’ permission.
* --> [pending] -- {publish} --> [published]--> *
Note
For a general introduction to workflows in Plone see: http://plone.org/documentation/kb/creating-workflows-in-plone/
You can create and enable any custom workflow on the “comment” content type. Though, there are some special hooks in plone.app.discussion that check if the workflow that is enabled for the “comment” content type has a ‘pending’ state in order to do the following things:
- A portal message will be shown to the user after posting a comment, if the comment just entered the ‘pending’ state.
- A message is shown to the user if he/she accesses the bulk moderation view and workflow is enabled for comments that does not implement a ‘pending’ state.
- A moderator will only be emailed when comment moderation is enabled in the discussion control panel and the comment workflow contains a ‘pending’ state.