Giorgio Borelli presented collective.geo.* the collection of libraries to integrate geo-information in any Plone content-types.

They use OpenLayers to show the data in the maps not to bind to Google Maps.

They use zgeo.* packages as base-products, so collective.geo.* are mainly plone intregation layers.

I have presented Tagzania a social mapping application and also explained the use of Geonames to geocode names.

We have also talked about other Plone products that provide map integration like Products.maps, and when asked about that, Giorgio has told us that he didn't want to stick always to Google Maps, so he developed this product that uses OpenLayers, and also that Products.maps doesn't support lines or polygons.

If I missed something, please post a comment! Photos tomorrow or on sunday, the USB cable is in my hotel room :(

Grok is a way to simplify the entry of people to Zope 3 (now called Zope Toolkit). Although Grok directly uses Zope Toolkit and it wasn't possible to use it directly in Zope 2, Grok people made a refactoring job to extract the core components of Grok to a smaller packages called grokcore.*

In that way Godefroi and other people like Lennart Regebro, were able to write five.grok: the Zope2 integration layer for Grok.

Now we can easily write views (browser views for example, because there are many other supported things) easily without needing to know all that ZCML stuff needed to register a browser view:

from five import grok

# assuming content is in a module called content
from content import MyContent

class MyView(grok.View):
    grok.context(MyContent)
    def render(self):
        return u'Me grok view Plone!'

Is not that easy? We just need one line, yes one line, of ZCML to load that:

<grok:grok package="."/>

Wow ! That avoids many lines of ZCML in our configure.zcml.

Grok is a way to avoid a lot of boilerplate code and ZCML lines without losing control on all those registration. It's another way of doing the same as we do writing ZCML, but without writing it.

Although there are many things already done and usable in Plone, they want to identify what isn't and write grokkers (classes that do the same as ZCML registrations) for them. Here are some of those things, identified in the open space:

• Portlets: there is something done in a package called plone.grok, but it's old and needs upgrading.
• GenericSetup: avoid all that code to register a GS profile or import steps.
• ContentRules.

There is also a package to grok z3c.forms in Plone.

I think this will be very useful for as at CS.

Many interesting talks these days at the Plone Conferente at ELTE Congress Center in Budapest!

We are talking about deliverance, xdv, Plone 4, Plone 5, and many other cool features of Plone, including Plone using experiences, integration with Django and other systems and many more.

This year, an experiment will be held the last day: an Open Space (or UnConference). People is writing intesting topics in a board, and the conference will be self-organized. I'm excited about a lot of the topics on that board. I can't divide myself so I'll try to attend the most I can.

Although the conference started on wednesday, two days of training were organized beforehand and there will be two more days of sprint.

Have a nice Plone!

We are using Plone for some community sites with blogs and newsitems with comments and we were attacked by spambots and found ourselves writing spam-deleting scripts until we found collective.captcha.

collective.captcha provides a very simple browser view to generate captcha images (and also sound-captchas) and to verify user input. We are using it in Plone 2.5.x and also in 3.x (like in this blog) and it works great in both of them.

First of all, you need to include in your buildout, both in eggs and zcml sections of your instance and then run the buildout to get it installed.

Then you need to integrate the captcha generated image and the form to get user input, we use a simple page template for that, called captcha_widget with the following content:

<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en"
    i18n:domain="ataria">

<body>

<span metal:define-macro="captcha">

  <div class="field"
       tal:define="error errors/captcha|nothing;"
       tal:attributes="class python:test(error, 'field error', 'field')">
    <label for="captcha" i18n:translate="label_captcha">Captcha</label>

    <span class="fieldRequired" title="Required"
          i18n:attributes="title"
          i18n:domain="plone"
          i18n:translate="label_required">(Required)</span>

    <div class="formHelp" i18n:translate="help_captcha">
      Provide the text in the image. Just to avoid spambots
    </div>
    <p tal:replace="structure here/@@captcha/image_tag" />

    <div>
      <input type="text"
             name="captcha"
             id="captcha"
             value="" />
    </div>
  </div>

</span>

</body>
</html>

The relevant part in this page template is the line in which the captcha image is rendered:

<p tal:replace="structure here/@@captcha/image_tag" />

The first part is completed. Now we just have to check that the user input and the string shown in the captcha are the same. We mainly use collective.captcha together with qPloneComments and we use CMFFormController based forms so we need to create the .cpt with the form in which we include the captcha with the following sentence:

<metal:captcha use-macro="here/captcha_widget/macros/captcha" />

After that you have to write the validator script and tie together with the .metadata file of your form. The script we use is this:

from Products.CMFPlone import PloneMessageFactory as _

captcha = context.REQUEST.get('captcha')

view = context.restrictedTraverse('@@captcha')

if not view.verify(captcha):
    state.setError('captcha', _(u'Are you a bot? Try again...'))
    state.set(status='failure')

return state

With this, you will have your form protected from spambots.

But collective.captcha has some sort of bug (or at least it has a bug with our configuration) in which zope can't start if you do not override the captcha view in your product. We reported the error in plone-users but had no input about it, so I just reproduce it here.

To get collective.captcha work correctly and zope start, you have to add an overrides.zcml file to your product and add the following ZCML snippet in it:

<browser:page
    name="captcha"
    for="*"
    permission="zope2.Public"
    allowed_interface="collective.captcha.browser.interfaces.ICaptchaView"
    class="collective.captcha.browser.captcha.Captcha"
    />

So now you know how to protect your hand-made plone forms with collective.captcha.

We are currently building a website that has many customized content-types. In the main folder of the structure we are building, the client wants to reorder elements freely, like in a normal Plone folder. Well, the main folder of the structure is currently a Plone folder, so "no problem" I said, just go to Contents tabs and reorder the elements. But... aghh !!! I couldn't reorder the items !!

I started investigating what was going on, putting a pdb here and there, and found a curious thing: the items stored in the folder were some archetypes based custom objects with a portal type with a space in its name. This portal type was "Product Line". The reordering code compared the items inside it and checked whether the item was actually in it looking at its _objects attribute, nothing special til here. But the check was not safe enough.

The code looked at the Metatype of the FTIs in the portal_types tool to check whether the element which was being reordered was currently a CMF object. But the Metatype of the FTI wasn't the same as the meta type of the object, because the Metatype of the FTI was the actual portal type of the object.

Moreover, the _objects attribute wasn't modified when the meta type of the object was changed, so it wasn't enough the change just the meta_type. I had to write a migration script to change the _objects attribute of the folder to change "ProductLine" with "Product Line". That change made my custom objects orderable.