django-swingcms / TUTORIAL

User manual


-  python 2.6 or higher. Untested with python 3.x.
-  django 1.3.x.
-  PIL (python library for image manipulation)
-  rdiff-backup (differential backup service)


Local deployment (for development)

Download, extract and start local development httpserver. Backup
and caching features require two folders: read under the server
Server deployment (for production). Default account is username: admin, password: admin

Typical deployment:

#. deploy linux (debian/ubuntu) server
#. deploy apache2, rotatelogs and wsgi module
#. install dependencies
#. download and extract swingcms, assign owner www-data and
   permissions 700
#. make and assign same owner and permissions to:
   ``/var/www/backup/django<br />           /var/www/cache/django``
#. change paths into apache/handler.wsgi
#. copy the apache/swingcms\_apache\_directives into
   /etc/apache2/sites-available, change paths and enable it
#. change admin account!!! (default is username: admin, password:
   ``python initialize_administrator``
   The new account is outputted in shell and in account.txt file
#. in settings:
   ``DOMAIN = ''<br />             DEBUG = False<br />             VERBOSE = False<br />             SERVED = False<br />             SECRET_KEY = "dfbxzlv8734r423r232dfcsvUHIedf" # change this every new project for security!!!<br />``

View and edit folder

As authenticated user and with right permissions the view and edit
folders and the typical hierarchical features (also recursive) get
availables: add, change, cut, copy, paste, remove, change status.
In view *edit* you can apply this features to contents selection
and swap position of pairs. The recursion policy is "make the
possible": for instance, delete a folder produces an effect only on
not locked nested objects and on user owns right permissions
objects. An alert displays action's completeness.

The concurrency contribution is preserved by simple
*pessimistic locking* mechanism: the object is handled from one
user at a time. Locked objects are listed in personalbar plugin.
The editorial workflow is hard-coded: firstly, added or modified
contents go in *revision* status. Instead of the folder an "index"
named content is showed if it exists and if the user is not
authenticated. Some names such "top", "footer" e "colophon" are
reserved to plugins and allow layout components customization.
Some forms embed wysiwyg CKEditor in textarea fields, tags are
filtered according to security levels. Anyway, in raw textarea is
ensured carriage return and links rendering.
Each content and plugin have more templates and the possibility to
choice the layout in which they are rendered. Contents have
categorization, optional validity time for folder rendering,
optional fields for SEO. Each content has an history (datetime,
user, action) retrieved from log table.
Contenttype "collage" holds and organizes user selected contents
and plugins into a configurable slot's grid.
Contenttype "collector" filters *collectible* contenttypes.

Contents translation mechanism is based on a multiple content
publications, each one in a specific language. For instance, if
each content's version has the "language" attribute setted and
settings.LANGUAGE\_RESTRICTED is True, the forlder view renders
only contents in preferred language (or those not binded to a
specific language). Note that if
browser preferences are bypassed.

Plugins receive arguments to update themselves (if needed) on every
request and have internal cache.

-  head: renders tags, metatags and import js and css
-  menu, breadcrumbs e navigation: render navigation
-  top, footer e colophon: find related contents in language
-  search: textual search
-  personalbar: language choice, login/logout, locked objects,
   admin and personal panels link


It is possible granting to user and groups global, on model, on
specific object permissions. Permissions can be positive or
negative. An algorythm computes effective permissions:

-  acquiring from groups
-  take into account hierarchcal upper permissions/prohibitions
-  derivating from global permissions
-  defaulting some permissions to the object owner
-  take into account anonymous user and superuser status (superuser
   permissions are hard-coded: they are the all possible ones.
   Anonymous, as all users, has only super-permissions to view public
-  take into account those specifics, directly granted to the

Specific permissions are granted and revoked in content views. As
adding an object, it "inherits" compatible specific permissions to
users and groups on parent container granted. According to
settings.ENCRYPT\_PASSWORD and settings.TRY\_NO\_ENCRYPTED it is
possible bypass cryptation and check raw passwords.
Admin panel

Administration panel exposes:

-  differential backup and download in packed format
-  apps dynamic settings management
-  switch site to manutention status
-  emails features
-  grant and revoke to groups and users global and on model
-  static files editing
-  categories editing
-  execute commands, for example cleaning
-  other

Mailserver and agenda

Mailserver provides this features: contacts,
subscribtion/unsubscription (with categories and optional *single*
or *double* opt-in confirm), confirm and user activation, list
import/export, newsgroup manager, send to list-categories-queryset.
Agenda provides this features: popup events, plugin agenda,
calendar and list view.