Security

Access to documents will be controlled via the normal Zope and Plone security mechanisms using groups to restrict access to a client's records. A group will be created for each client with the same ID as the Client ID (e.g. Plone Title). This requires some tweaking of the default workflow in Plone to allow one to simply restrict the client's top level directory. The Plone documentation on this is href="http://plone.org/documentation/how-to/creating-private-plone-site" here.

This will require the following steps when creating a new client, which should be handled automatically upon creating the top-level client folder:

1. Create the top level client folder.

2. Create a new group with the ID of the client.

3. Restrict access to the top level folder using the equivalent of the ``sharing'' tab. This should probably be a short-cut as there's only one option being used.