Enhancing Document Management features

Next topic

Author	Message
Hakim Bouras	Wednesday 14 February 2007 12:36:40 am Hi, Unless I missed something, ezPublish (last version tested 3.9) miss two critical features about Document Management: - SECURITY: any files uploaded are accessible to anyone knowing the URL (anonymous user). The security only applies to the container (File object, or image ...) but not to the file itself - VERSIONNING: files uploaded are not versionned, only the container (File object, or image ...) is Do we have a chance to see these issues addressed in the next versions of ezPublish? Thanks, Hakim
Kristof Coomans	Wednesday 14 February 2007 2:29:45 am Hi Hakim - SECURITY: if you configure eZ publish correctly (see http://ez.no/doc/ez_publish/technical_manual/3_8/installation/virtual_host_setup#comment6751 ) then binary files are not directly accessible, instead they need to be downloaded through the content/download view, which checks the read (or versionread) policy on the file content object. - VERSIONING: files uploaded ARE versioned Also see http://ezpedia.org/wiki/en/ez/file independent eZ Publish developer and service provider \| http://blog.coomanskristof.be \| http://ezpedia.org
Xavier Dutoit	Wednesday 14 February 2007 5:24:59 am Hi, The preview view for the file for a specific (archived) version doesn't display the correct link but the latest one, no matter the version (at least on the version I've tried on) . However, if you do a diff between two versions, it's going to show the correct urls for both of them (content/download...) and you can download the previous version. X+ http://www.sydesy.com
Hakim Bouras	Thursday 15 February 2007 4:33:50 am Well, I missed something... Thank you for your replies. In order to enhance the Document Management features, I will then propose: - to include two levels of versions (which will help to keep a meaningfull history) - major versions (1.x, 2.x, 3.x, ...) for important changes - minor versions (x.0, x.1, x.2, ...) for small changes - to include the possibility to flag some versions as "Archive" so that they do not get automatically recycled Hakim
Stephen Boals	Sunday 25 February 2007 6:58:01 am Great articles on security requirements on CM/DM systems: -edited: link removed (spam)-

eZ debug

Timing:	Jan 18 2025 11:02:46
Script start
Timing:	Jan 18 2025 11:02:46
Module start 'layout'
Timing:	Jan 18 2025 11:02:46
Module start 'content'
Timing:	Jan 18 2025 11:02:47
Module end 'content'
Timing:	Jan 18 2025 11:02:47
Script end

Main resources:

Total runtime	0.8408 sec
Peak memory usage	4,096.0000 KB
Database Queries	67

Timing points:

Checkpoint	Start (sec)	Duration (sec)	Memory at start (KB)	Memory used (KB)
Script start	0.0000	0.0098	589.1484	152.6406
Module start 'layout'	0.0098	0.0046	741.7891	39.4766
Module start 'content'	0.0143	0.8251	781.2656	638.4141
Module end 'content'	0.8395	0.0013	1,419.6797	12.1406
Script end	0.8408		1,431.8203

Time accumulators:

Accumulator	Duration (sec)	Duration (%)	Count	Average (sec)
Ini load
Load cache	0.0034	0.4051	16	0.0002
Check MTime	0.0013	0.1510	16	0.0001
Mysql Total
Database connection	0.0048	0.5718	1	0.0048
Mysqli_queries	0.7623	90.6562	67	0.0114
Looping result	0.0007	0.0856	65	0.0000
Template Total	0.7911	94.1	2	0.3956
Template load	0.0021	0.2530	2	0.0011
Template processing	0.7890	93.8347	2	0.3945
Template load and register function	0.0002	0.0195	1	0.0002
states
state_id_array	0.0015	0.1780	1	0.0015
state_identifier_array	0.0012	0.1388	2	0.0006
Override
Cache load	0.0018	0.2117	34	0.0001
Sytem overhead
Fetch class attribute can translate value	0.0007	0.0867	4	0.0002
Fetch class attribute name	0.0073	0.8697	8	0.0009
XML
Image XML parsing	0.0033	0.3884	4	0.0008
class_abstraction
Instantiating content class attribute	0.0000	0.0021	9	0.0000
General
dbfile	0.0027	0.3245	28	0.0001
String conversion	0.0000	0.0014	4	0.0000
Note: percentages do not add up to 100% because some accumulators overlap

Templates used to render the page:

Usage	Requested template	Template	Template loaded
1	node/view/full.tpl	full/forum_topic.tpl	extension/sevenx/design/simple/override/templates/full/forum_topic.tpl
4	content/datatype/view/ezimage.tpl	<No override>	extension/sevenx/design/simple/templates/content/datatype/view/ezimage.tpl
5	content/datatype/view/ezxmltext.tpl	<No override>	extension/community_design/design/suncana/templates/content/datatype/view/ezxmltext.tpl
7	content/datatype/view/ezxmltags/paragraph.tpl	<No override>	extension/ezwebin/design/ezwebin/templates/content/datatype/view/ezxmltags/paragraph.tpl
2	content/datatype/view/ezxmltags/line.tpl	<No override>	design/standard/templates/content/datatype/view/ezxmltags/line.tpl
1	print_pagelayout.tpl	<No override>	extension/community/design/community/templates/print_pagelayout.tpl
Number of times templates used: 20 Number of unique templates used: 6

Time used to render debug report: 0.0001 secs