The basic question I have is: can I add a folder in ZMI, with the folder owned by zope admin, that will show on Plone site and function as a typical Plone folder?
Here is what I've tried:
-
In ZMI root, using the "add' in upper r/h corner I added: 'ATConentTypes: folder". Then I added a tab via portal actions. Worked in that tab shows on Plone site and clicking on it went to the URL; however, it wasn’t a folder
-
I tried: the 'plone.app.folder", again added tab in zmi and tab shows on the site. However, click tab gets a 'not found' (sorry for the big text below, I don't know how to stop it
So, can I add a folder in ZMI owned by zope admin that will show on Plone site and function as a typical Plone folder?
Background Info explaining why I want to do this.
I realize the use-case I'll describe below may not make sense to everyone, however, here is what I am trying to do.
I want to create a 'secure folder' at the root of my Plone site. This folder must be designed, from the beginning, to be as secure as possible because the contents would be expected to be very sensitive (e.g. tax documents). In considering whether the folder is secure or not, I am not thinking of people hacking into the site via a Plone vulnerability. I mean ensuring a complete lockdown of the folder expect those explictly given permissions, vs membership in a group. Also, I want to consider human error (site admin acting on folder and accidentally publishly, assigning new WF via placeful workflow, or sharing). Any of which would make this secure folder visible to unintented people.
Key to a secure folder, to me, is:
-
Create a folder which is owned by admin (Zope) not manger (Plone). The reason is to lock it down to only one person that could make changes. Manager role in Plone can be treated as a group and people easily added and this creates issues where newly added admn may accidentally/intentionally change WF via placeful WF, or share folder. Neither would be acceptable.
Note: I tried the following, but wasn’t useful: create folder as admin, add manger and delete admin, save chagnes; however, admin is automatically added back. So, as best I can tell I need to create the folder in the zmi so it is owned by Zope admin and anything regarding the folder can only be changed bye Zope admin in the ZMI. -
I created and assign WF that starts in private state and has no transitions, ensuring will always be private (this is completed).
-
I need to deal with placeful workflow (if installed) to prevent applying new WF (I'm in the process with this)
-
I need to deal with sharing. I found way to do this: (http://plone.293351.n2.nabble.com/plone-4-how-to-hide-disable-sharing-tab-for-a-custom-type-td5929905.html. (Still some minor issues (also hides sharing tab in everything below)
I know this is a long post; however, the basic question stated above is direct.
Thanks for any thoughts on how to do this.