Happy hacking with Plone
-
Upload
makina-corpus -
Category
Software
-
view
1.822 -
download
0
Transcript of Happy hacking with Plone
Happy hacking with PloneÉric Bréhault - PloneConf 2015
We, Plone developersinvest time in Plone,build something nice and attractive,feel pround of it.
We, Plone developers
from "Les Vacances du Petit Nicolas" by Laurent Tirard
.fx: extra-large
The users play
from "Les Vacances du Petit Nicolas" by Laurent Tirard
The conflictThey loved it.We are desperate.
We retaliate
Pharmakonφάρμακον: medecine, drug, poison
Any medecine is also a poison.
My solution
Hackability is a featureIt is not a flaw.
It must be provided as a tool.
A hacking tool...to change or add whatever we want in our Plone sitethrough a modern and pleasant web interface
... not a hackable system
ZMI?
The Plone Theming editor!Already a "hacking" tool:
non-Plone experts can change the entire theme.
Diazo theory"We Write XSLT, So You Don't Have To"
Diazo realityGuess what? I am writing tons of XSLT!!
What we need
Content-to-contentOn-the-fly content changes with <before/> and <after/>.
< b e f o r e c s s : c o n t e n t = " # c o n t e n t - c o r e " > < a h r e f = " m a i l t o : c o n t a c t @ d i a z o . o r g " > A s k f o r h e l p < / a >< / b e f o r e >
Content-to-contentOn-the-fly content insertion.
< b e f o r e c s s : c o n t e n t - c h i l d r e n = " # m a i n " > < i n c l u d e c s s : c o n t e n t = " # b r e a d c r u m b s " / >< / b e f o r e >
Content-to-contentOn-the-fly remote content insertion.
< b e f o r e c s s : c o n t e n t - c h i l d r e n = " # m a i n " > < i n c l u d e h r e f = " / n e w s " c s s : c o n t e n t = " # b r e a d c r u m b s " / >< / b e f o r e >
We want morecreate our own chuncks of contentimplement our own scripts
with basic knowledge of HTML and Python
Rapido
It lives in the themeEditable through the Plone interface......or in the sources.We use Diazo to inject it in Plone.
Dead simpleno ZCA stuff,no ZPT (or any templating language),no JBOT,
Just HTML and Python
Demo
What do we get in ourcontext?
context.app
context.request
context.portal
context.content
context.api (the Plone API!!)
Is it secure?Python scripts are executed byzope.security.untrustedpython.
All the regular security stack is applied, like:
current user privileges,CSRF policy (@PostOnly for instance).
Battery includedRapido comes with a complete REST API.
GET / POST / DELETE / PUT / PATCH
It is a ready-to-use JSON backend.
Demo
Battery includedRapido provides a Plone Content Rules action.
We can hook our scripts to any Plone event.
Battery includedRapido is Mosaic compliant.
(but it does not depend on it)
Demo
Thank you!