################################################################

$RCSfile: TODO.txt,v $

Author: Craeg Strong

$Date: 2003/04/18 03:10:45 $

################################################################

ExternalFile is a fully compliant Zope Product, according to the Zope Developer Guide

There are a great many possible features we could add to ExternalFile. I have separated them into three categories: high priority, nice to have, and blue sky. Feedback is greatly appreciated, both on new feature ideas and bugs, and on their relative priorities.

Priority Items

• Security:

       Create a facility whereby ExternalFiles must be created within a
       set of allowed directory(ies), specified in
  
       etc/allowedDirectories.txt
  
       For example:
       #
       # helpful comment goes here
       #
       /     # allow everything
       #
  
       Or:
       #
       /home/webserver/public  # public stuff
       /archive/repository/    # read only dir full of downloaded PDFs
       /space/temp             # temporary area for testing
  
       Or:
       #
       c:\Documents And Settings  # docs dir
  
       - the create dialog will list the current set of allowed
         directories, but not allow changes (changes must be done by
         hand to the txt file)
  
       - there is no default for allowedDirectories.txt I will ship it
         with no entries, meaning that the product is effectively
         disabled by default
  
       - If no directory is set, ExternalFile.py will raise an Exception
         at Zope startup time, indicating that at least one allowdir
         must be set The exception report will include appropriate
         instructions
  

• Integration with Python Scripts

Nice to Have

• Allow an administrator to restrict ExternalFiles to only accept certain mime types, or to disallow certain types
• Different mime types should use different icons.

Blue Sky

• Do webDAV locking like the real DTMLDocument does. Subclass DTMLDocument? Or wait until Zope3?
• Make ExternalFile into "ExternalizableFile?" ExternalizableFiles can be made external or not, and changed on the fly. This can support a development process where files are normally stored inside the version control system (via the file system) but at some point the file is "released" and given an official version. This version should be frozen/uneditable. A nice way to do this is to copy it into the ZODB and disable editing.
• Support for ZCatalog/PrincipiaSearchSource should do the right thing based on mime type. Should include support for "pluggable" converters for full text search (for example XML files omit tags), field search and keyword search (for example grab XML metadata or MS Word metadata or HTML META tags).
• Intercept the Zope copy command to warn the user that the "copy" being made is only a copy of the pointer to a file, not the file itself, and that subsequent edits to either object will modify the contents of both (i.e. shallow copy). This is a good idea because most Zope users expect contents to be copied (i.e. deep copy).