I'm planning a project which manages access control to information based on folder structure and local permissions. For performance reasons I'm considering souper.plone. Just putting my main "research" considerations out there, in case someone already knows the answers off their head.
If I use souper.plone to create lightweight records instead of using dexterity:
- Are souper.plone records aware of local roles and permissions? (my guess is that soups are aware NOT individual soup records)
- Can I organise souper records hierarchically? (my guess is that I'll have to organise the hierarchy at the soup level NOT the individual soup record)
Use case - replace dexterity content with souper.plone records
Let's say this is a school and the information to be stored in souper.plone records is student information.
There are three Groups types:
- School Level (I can see all information) e.g Main School Group
- Grade Level ( I can see all information for a grade) - eg. Grade 2 Group
- Class Level (I can see all information for a class) - eg. Class 2-1 of Grade 2
Using a pure dexterity approach, I would create "student" content types and then place them in their various classes. Permissions would be managed based on a folder hierarchy and local sharing permissions. The folder structure would end up looking like this (Grade 2, Class 2-1 expanded for illustration):
School | ----- Grade 1 | ----- Grade 2 | | | ----- Class 2-1 | | | | | |--- student 1 | | |--- student 2 | | |--- student 3 | | | ----- Class 2-2 | ----- Grade 3
Other things I'm considering
- I need to confirm that I'll need to create multiple ISoupRoots to simulate hierarchy
- What out of the box dexerity capabilities will I sacrifice?