We are developing an Intranet solution based on Plone 5.2 for a mid-size organisation which ist hierachically organised.
As the organisation is structured hierachically, every department in the organisation can publish documents in its own department only, or down to a specific level.
We try to solve the requirement with setting local roles during a workflow transition. This is because there are about 500 departments in the organisation and we want to avoid bloating up the workflow definition with transitions and states for every needed role to group assignment that is needed.
We have a restricted python script which is called after the transition, and which unfortunately raises an unauthorizied exception with is caused by the script. The script has the following statements:
define a browserview that does the local roles setting & reindex and call it from the script (or directly).
Did you try to change the local roles with a python script (create one in portal_skin/custom) to check if the problem is not related to workflow context?
What does "reindex" mean ? Which steps do i need to make changes in the local role settings permanent and available in all places of memory plone/zope uses the local role settings in ?
We have to clear the acquireLocalRoles-setting on newly created documents, too, and tried do this with a transition-script, too, but didn't work. Calling a view from the script is the general solution for this kind of problems, i think.
does not call the view when used in the transition-change script . The view works, when i call it with @@myview on the url of the object in the browser. Any ideas ?
I get an 'insufficient privileges' site back with no stacktrace/exception showing in the 'instance fg' terminal output when trying your suggested statement in a Python-script connected to the state-transition.
In which version of Plone did you successful execute your suggestion ?
Sorry for the delay, we managed to solve the issue otherwise, but now it arises again.