How to Setup a Plone Intranet in Half a Day (Python Web Conf 2020)

Level: Beginner 
Topic(s): Plone 

Whether at work or outside of work, we usually need to collaborate with others.
This collaboration can take many forms:

  • storing documents
  • organizing documents
  • sharing documents
  • creating and filling out forms
  • protecting documents and data from prying eyes
  • managing access to documents and data
  • finding documents and data

Enterprises enable this kind of collaboration by creating an intranet. Users must log into this intranet, quickly and easily find the documents and data they need, revise them, save them, and share them out to others on their project teams. Intranet administrators create teams and set aside workspaces for those teams.
Setting up this type of intranet does NOT have to be hard nor does it have to be expensive!

Plone is a longstanding, secure, open source web content management system that lets you create intranets like this.

In our interactive, hands-on tutorial we will cover how to:

  • install Plone on a brand new virtual machine
  • create a website using Plone
  • turn that website into an intranet
  • create user accounts
  • create user groups
  • create team workspaces
  • grant access to workspaces to the right group(s)
  • create and organize documents, files, and forms in workspaces
  • test the security of the intranet's access restrictions

And best of all: you will be able to do this for volunteer groups and any communities you're a part of.

What you'll need:
  • a laptop (any operating system)

Characteristics of an Intranet

What are the general characteristics of an intranet?

Who collaborates?
  • individuals
  • teams

When we collaborate, we often do so using documents:
  • “documents” (files, images, website pages)
  • forms

We organize documents using folders, which can contain other folders, and so on.

We want to be able to find things quickly and easily, so search is an important intranet capability.

Collaboration requires that we share information with other individuals and groups.

An intranet requires identifying its users, and so at the very least requires logging in. An intranet can be 
  • completely public
  • partially private
  • completely private

When we work on documents, it’s important to retain version history, to view previous versions, to compare versions, and (on occasion) to revert to previous versions.

Intranets will have different levels of access and responsibility (roles). Administrators create user accounts, create teams, and assign workspaces to teams and individuals.

Intranets and Plone

Setting up this type of intranet does NOT have to be hard nor does it have to be expensive!

Plone is a longstanding, secure, open source web content management system that lets you create websites and intranets.

Today, we will
  • install Plone on a brand new virtual machine
  • create a website
  • turn that website into an intranet
  • create user accounts
  • create user groups
  • create team workspaces
  • grant access to workspaces to the right group(s)
  • create and organize documents, files, and forms in workspaces
  • demonstrate the security of the intranet's access restrictions

We will also talk about what you would need to do to run this type of intranet “for real”, and where to go from here (e.g. extending it with more functionality).

Install Plone

Plone can be installed several different ways. You can run it natively on macOS, Linux, Unix, and Windows computers, and you can run it inside containers such as Vagrant and Docker. 

Most commonly, Plone is run in a virtual machine hosted by providers such as Digital Ocean, Linode, and Amazon AWS.

Today we will use a preconfigured Amazon AWS machine image that you can use with the AWS free service tier. 

Create an AWS account

You will have to sign up for an AWS account if you don’t already have one. 
Go to https://aws.amazon.com and click the orange button “Create an AWS Account” in top right corner

  • You will have to enter a credit card which will be changed a temporary $1 fee that will be removed after 3-5 days.

  • Choose the Basic Support Plan
Sign into the Console 
Use the default choice “Root user” and enter the email address you just used to create your AWS account 
Enter your password
You are at the AWS Console 

Create a new EC2 instance using an AMI

Click on the Services drop down menu in the top black bar

Choose “EC2” 
Click the orange button “Launch an Instance” at the bottom 
You will see an AMI search page 
*** IMPORTANT *** Set the region to us-east-1, or N. Virginia 
Search for the AMI (Amazon Machine Image) named pythonwebconf2020-plone-intranet 
You will find it in the Community AMIs. 
Click on that “1 results” link
Click the blue Select button. 

Leave the default t2.micro selection, which is available as part of the AWS free tier. 

Note: if you are ok not using the free tier, or you have already used up all of your AWS free tier, you can use the t3.micro  or t3a.micro types and actually save money, relative to the cost of running a t2.micro. See https://ec2instances.info/?cost_duration=monthly
Click “Next: Configure Instance Details” in the bottom right corner 
Scroll down a bit and uncheck “T2/T3 Unlimited”:
Leave everything else as is, and click “Next: Add Storage” in the bottom right corner 
Leave as is, and click “Next: Add Tags” in the bottom right corner 
Leave as is, and click “Next: Configure Security Group” in the bottom right corner 
Click the grey “Add Rule” button and enter “8080” in the Port Range column 
Leave everything else as is, and click the blue button “Review and Launch” 
Click the blue “Launch” button 
If you have an existing key pair, choose it; otherwise, choose “Create a new key pair” 
Enter a new key pair name, e.g. “PythonWebConf-Plone-Intranet”
Press the grey “Download Key Pair” button 
This will download a file called PythonWebConf-Plone-Intranet.pem to your computer; you will need it to ssh into the instance
Press the blue Launch Instances button
On the Launch Status page, click on the link to your new instance 

View your Plone site

On the EC2 Instances page, you will find the IP address of your new instance in the bottom pane, in the right column. 
Place your mouse just to the right of that IP address; a small icon will appear. Click on it to copy the IP address to your clipboard. 
Open a new browser tab and paste the IP address into the address bar, with :8080 appended (a colon immediately followed by the port number 8080, the port that Plone listens on by default), and press Enter
You should see the Plone container page 
  • Click on the blue button “View your Plone site” 
To log in, use the “Log In” link at the top of the front page, and enter:
  • admin
  • 2020pwc

A Tour of Plone

Let’s take a quick tour through your new Plone site.

Key Points About Plone

Here are some key points about Plone:
  • content is organized in folders
  • content types define the structure of information stored and presented, e.g. page vs news item vs event
  • you navigate to where you want to add something, then add it
  • everything is security-aware: Plone checks if you’re logged in, who you’re logged in as, what you’re asking to view or edit, and what you can be shown

Viewing a Plone Site as the Public

  1. Click around on the site, e.g. the News and Events folders. 
  1. Use the search box (search for anything containing the word “Plone”).
  1. Click on the Site Map, Accessibility, and Contact links in the footer.
  1. Return to the front page by clicking on the logo at the top of each page.
  1. Click on the “Set up your mail server” link in the “Get started” section. What happens?
  1. Close the new browser window or tab and return to the front page.
  1. Click on the “Log in” link at the top right corner of the page.

Log in

To log in, use the username admin and password 2020pwc

Once you’re logged in, what differences do you see in the user interface? 

The toolbar

The left toolbar is almost always an indication that you’re logged in to a Plone site. 

The buttons and menus in the toolbar will vary depending on what you are currently viewing and what your user is authorized to see and do, which in turn is defined by Plone’s powerful security model:
  • permissions and roles directly assigned to your user
  • permissions and roles directly assigned to groups that your user is a member of
  • your role respective to the item you are viewing
  • the workflow state of the item you are viewing

Because you are using the user admin which is granted the Manager role by default, there are no security restrictions on what you can do.

Here is a brief description of the toolbar buttons:
  • “Contents” shows you a directory-like listing of what is in the current folder
  • “Edit” lets you edit the current item
  • “View” lets you switch to the display-only view of the current item
  • “Add new…” lets you add an item in the current folder 
  • “State” shows you the workflow state of the current item and lets you transition the current item to another state 
  • “Display” lets you change the way the current item is displayed 
  • “Manage portlets” lets you control what appears in the left and right columns and in the footer 
  • “a day ago” actually shows you the last modification date of the current item; if you click it, you see the version history of the current item and you can compare versions and revert to previous versions
  • “Sharing” lets you control who can view, add to, edit, and review (publish) the current item
  • “admin” actually shows you the user you are logged in as; if you click it, you see a menu that lets you set your user preferences, go to your dashboard, go to the Site Setup (control panels), and log out 

Plone Workflow

Plone lets you control access to your content, whether for viewing, editing, publishing, or deleting.

Publication States

The publication control system for Plone is very flexible, starting with basic settings for making an item private or public.

In the toolbar, for any content type (folders, images, pages, and so on), there is a menu for publication state. This State menu has settings for controlling publication state: 
The toolbar will show the current publication state for the content item, such as “State: Private”, as shown above. Private is the initial state when you create a content item – a page, a news item – and in the private state, as the name indicates, the content item will generally not be available to visitors to the website.

The “Publish” menu choice will make the content item available on the web site to anonymous (not logged-in) visitors. The “Submit for publication” menu choice is used on web sites where there are content editors who must approve items for publication, as discussed below.

Certain content types, such as news items and events, will not appear on the website as you expect, until they are explicitly published.

Publication state is important!

Publication state can be changed only by users whose accounts have the necessary permissions. The menu choices in the state menu will reflect existing permissions settings. For example, in a newspaper web site, a reporter could add pages for news articles, but the state menu will not show a “Publish” menu choice, only a “Submit for publication” menu choice. This is because a reporter must submit articles up the line to the editorial staff for approval before publication. If your account has the permissions, however, the “Publish” menu choice will appear and you can simply publish in one step.

For an editor, a content item that has been submitted may be published or rejected, either outright, because it is an inappropriate submission for the situation, or for the more typical reason that the content item needs revision.

After a content item has been published, it may be retracted, to change the state back to public draft state, or sent back to private, if desired. The menu choices in the state menu will change accordingly:
Instead of completely deleting items in your site that have become obsolete or undesired for some reason, you could instead retract (“unpublish”), or set to private, any content.

Setting to private will take the item from public view and prevent it from showing up in search results, but will keep it around in case the format or the actual material (text, images, etc.) is needed later, or you later change your mind and want to re-publish the content.

  • Note: Content that was published once on a public website may have been indexed by search engines. Unpublishing will make it invisible to direct visitors to your site, but search engines often keep a copy of it in their indexes. Then again, the same is valid for deleting content.

The decision to delete or to set to private may depend on whether or not the content exists elsewhere, on another computer or in your company central data storage. Having large amounts of private content on a site might confuse editors, and it will take up some disk space on your webserver.

Advanced Control

The publication control system, under the Advanced menu item, has sophisticated features for setting availability by date and by context. 
Choosing “Advanced…” brings up the “Publishing process” dialog:
Below an explanation section at the beginning of the panel, there is a check box showing the content that will be affected by this change of publication state. Here it shows we are working on the “Documentation” folder.
(For now, ignore the other unchecked box; more on this later.)

The next field, Include contained items, is a check box for controlling whether the state change affects this item only (the “Documentation” folder) or the items it contains and all of any subfolders and other contained items.
This is an important check box.

It lets you change the availability of an entire section of a website. For example, the “Documentation” folder could contain four subfolders, with images, files, and other content that has been kept private during the initial work to build up this content. All of it could be immediately made public – it could be published – by checking this box and checking Publish at the bottom before saving.

Likewise, the Submit for publication choice would be used on a web site where editors control ultimate publication.

And you can do the reverse, of course: make an entire section private. For example, if an automobile rental agency decided to remove a car model from its fleet, an entire section of their website devoted to this car model, with several subfolders full of pages, images, and files, could be set to private.

The next two date fields are for Publishing date and Expiration date. Their meanings are straightforward. If there is a window of time, for which a content item or a set of content items is valid for publication, it may be set with these fields.
A comment lets you attach an explanation to all content affected by the state change.
This is especially useful when several people are working on a website, and a person less familiar with an area of the web site looks at content and wonders why it isn’t published. They wonder, “This information looks good. Why isn’t it published already?” Then they read a comment that says something like, “Don’t publish until Richard checks on copyright issues regarding the items described here.” Using comments is a good idea for sensitive information, even if you are the only person working on the web site, because you might forget why you made a decision about publication state.

Finally, at the bottom there is a choice of several available states for this action. It will vary, depending on the present state of the item. For example, if the item is currently in a published state, there won’t be a choice for publish, if the item is presently in a private state, there won’t be a choice for make private, etc. If an item is published already, there will be choices in this bottom part of the panel for reject and retract, for “unpublishing” at item, setting it back to public draft or then to private state.

A folder’s workflow state affects its content

When it comes to the Private state, folders are somewhat special. Changing a folder to (or leaving it in) the private state has the following effects:

  • The folder as well as all its contents are taken out of the navigation and site map for anonymous users, and also for logged-in users who don’t have permission to see private content. This means that all these users will not be able to find either the folder or any of its contents through any of the navigation menus. Of course, this includes external search engine robots.
  • The folder itself can not be viewed by anonymous users, or by logged-in users who do not have permission to see private content. This is true even if an anonymous user, for example, had the direct URL to the folder, which would be the case if a link to the folder was part of the content body of a page in a different section of the same site or even a different site. Clicking such a link would result in being redirected to the login form.
  • However, any published content of a private folder (or even of any of its sub-folders) will appear in the site search, even for anonymous users.
  • Also, anonymous users who know the URL of a published content item inside a private folder will be able to view this content. Consequently, if a link to any such published content of a private folder is embedded in any part of the same site or external site, that content will be viewable by anyone.

Thus, putting a folder in the private state is not a guarantee of security for any of its contents. Unless, of course, all the content has been made private, as well. This can be done in bulk and in a single step, as described above, in Advanced Control.

This is especially true of a folder’s default item view (covered below, in “Setting an Individual Content Item as the View for a Folder”). If the contained item that is set as the folder’s default view is published, then the folder will in a sense be public as well, even if its own state has been set to private. However, the folder will still be hidden from navigation for anonymous users.

When it comes to the folder default item view, care must be taken to have clarity on whether the desired workflow state is set on the folder, the default view item, or both.

Special Cases: Images and Files

When discussing published content of a private folder above, we glossed over an important assumption: namely, that all content items actually have a published state. This assumption is actually incorrect. The Image content type and the File content type do not have the State menu (in a default Plone installation). Thus, they can not be made public or private or any other state. Instead, Images and Files inherit their state from the container in which they find themselves. Therefore an image in a private folder will be private; an image in a public folder will be public.

It is possible to bypass this inheritance of a folder’s workflow state by contained images and files.

One of the workflows shipped with Plone by default is called “Single State Workflow”. To change the workflow for all Image content items, go to Content Settings on the Site Setup page. Select Image (or File) in the top dropdown menu, and then “Single State Workflow” from the New workflow dropdown menu. Once you click Apply changes, all Image content items will acquire the new workflow, and in particular, they will all be in published state, and will not inherit the containing folder’s workflow state.

Some site administrators prefer all Images to be published, but do have special workflow states for Files, as some files may only be accessible for logged-in users with a certain role. That is entirely possible using the above method, and setting an appropriate workflow on the type File.

Looking inside workflow, permissions, and roles

A Plone workflow is a security package definition. A workflow defines several things:
  • the states that an item can be in
  • the transitions between states
  • conditions (“guards”) that restrict who can invoke a transition
  • custom permissions and roles
  • which permissions are assigned to roles in a given state 

Plone comes with several workflows, and you can change which workflow applies to a content type. 

Plone workflows

Let’s see which workflows Plone ships with.

  1. Click on your user menu at the bottom of the toolbar.
  1. Choose Site Setup.
  1. Click on “Content Settings”. 
  1. When you first visit this control panel, you are shown the default workflow for the site. The default workflow is “Simple Publication Workflow”. If you click the “New workflow” drop down menu, you can see the other workflows that come with Plone. 

Details of Plone’s default workflow

Let’s examine the definition of the Simple Publication Workflow.

  1. At the very bottom of the right column, click on “Management Interface” in the “Advanced” block. 
  1. Scroll down and click “portal_workflow”, then click the “Contents” tab at the top of the page. 
  1. Click on “simple_publication_workflow” at the bottom of the page. 
  1. Explore this workflow definition by clicking on the “States”, “Transitions”, and “Permissions” tabs. 
The Simple Publication Workflow contains the following states and transitions:
  • private (the initial state)
  • submit (Member submits content for publication)
  • publish (Reviewer publishes content)
  • pending
  • publish (Reviewer publishes content)
  • reject (Reviewer sends content back for re-drafting)
  • retract (Member retracts submission)
  • published
  • retract (Member retracts submission)
  • reject (Reviewer sends content back for re-drafting)

Each transition includes “guards”, which restrict who can invoke it, based on a required permission, role, group membership, or a TAL (template attribute language) expression.

Here are the guard details for the submit and publish transitions: 

The two guard permissions, Request review and Review portal content, allow different users to submit  an item for review, as opposed to publishing it directly.

Plone permissions and roles

Let’s determine who has these two permissions, Request review and Review portal content.

  1. Navigate to the Management Interface view of the Plone site by clicking on Plone in the breadcrumbs. 
  1. Click on the Security tab 
  1. Using your browser’s Find feature (usually Control-F or Command-F), search for “Request review” 
  1. Note which roles (columns) have the Request review permission assigned to them: Editor, Manager, Owner, and Site Administrator. Any user with those roles can submit an item for review.
  1. Now search for “Review portal content” 
  1. Note which roles have the Review portal content permission assigned to them: Manager, Reviewer, and Site Administrator. Only users with those roles can review and publish a submitted item.

Appendices

EC2 instance setup

Instance type: t2.micro (AWS free tier eligible), t3.micro (less expensive), or t3a.micro (less expensive). 20 GB EBS volume

Plone installer

plone.org/download → Plone 5.2 → Unified Installer


Build command history


[ec2-user@ip Plone-5.2.1-UnifiedInstaller-r3]$ history
    1  wget https://launchpad.net/plone/5.2/5.2.1/+download/Plone-5.2.1-UnifiedInstaller-r3.tgz
    2  tar xfz Plone-5.2.1-UnifiedInstaller-r3.tgz
    3  cd Plone-5.2.1-UnifiedInstaller-r3/
    4  python3
    6  sudo yum install python3
   10  sudo yum install gcc
   17  sudo yum install libjpeg-devel
   18  sudo yum install lib-devel
   19  sudo yum install libxslt-devel
   21  sudo yum install supervisord
   22  cat /etc/*-release
   26  sudo amazon-linux-extras install "nginx1.12"
   35  sudo yum install python3-devel
   37  sudo yum install patch
   39  sudo yum install openldap-devel

[ec2-user@ip Plone-5.2.1-UnifiedInstaller-r3]$ sudo ./install.sh --with-python=`which python3` --password=admin standalone

Testing /usr/bin/python3 for Zope/Plone requirements....
/usr/bin/python3 looks OK. We will use it.


Root install method chosen. Will install for use by users:
  ZEO & Client Daemons:      plone_daemon
  Code Resources & buildout: plone_buildout


Detailed installation log being written to /home/ec2-user/Plone-5.2.1-UnifiedInstaller-r3/install.log
Installing Plone 5.2.1 at /opt/plone

Using useradd and groupadd to create users and groups.
useradd: warning: the home directory already exists.
Not copying any file from skel directory into it.
useradd: warning: the home directory already exists.
Not copying any file from skel directory into it.
Creating Python virtual environment.
Using base prefix '/usr'
  No LICENSE.txt / LICENSE found in source
New python executable in /opt/plone/zinstance/bin/python3
Also creating executable in /opt/plone/zinstance/bin/python
Installing setuptools, pip, wheel...
done.
Installing Python requirements in virtual environment.
Copying Plone-docs
Copying buildout skeleton
Building Zope/Plone; this takes a while...
Buildout completed

#####################################################################

######################  Installation Complete  ######################

Plone successfully installed at /opt/plone
See /opt/plone/zinstance/README.html
for startup instructions.

Use the account information below to log into the Zope Management Interface
The account has full 'Manager' privileges.

  Username: admin
  Password: *****

This account is created when the object database is initialized. If you change
the password later (which you should!), you'll need to use the new password.

Use this account only to create Plone sites and initial users. Do not use it
for routine login or maintenance.- If you need help, ask in our forum https://community.plone.org - Live chat channels also exists at http://plone.org/support/chat - Submit feedback and report errors at https://github.com/plone/Products.CMFPlone/issues (For install problems, https://github.com/plone/Installers-UnifiedInstaller/issues)

Extra add-ons

  • collective.impersonate
  • collective.documentviewer
  • collective.sortedcontrolpanels
  • collective.pwexpiry
  • Products.PloneKeywordManager
  • plone.app.changeownership
  • collective.easyform
  • eea.facetednavigation
  • plone.app.mosaic
  • collective.taxonomy
  • plone.app.imagecropping
  • collective.z3cform.datagridfield
  • collective.collectionfilter
  • pas.plugins.ldap
  • collective.lineage
  • collective.venue
  • collective.sidebar

buildout.cfg

############################################
#
# Buildout Configuration File for Plone
# -------------------------------------
#
# ALWAYS back up all Plone/Zope data and components
# before changing configuration.
#
# Running "bin/buildout" will update your installation,
# installing missing components as necessary.
#
# This will update the add-on products you've added in the eggs= lines.
# This will not, however, upgrade Plone itself (or anything else you've
# pinned with a version specification). To upgrade Plone itself, see the
# comments in "Plone Component Versions".
#
# Tutorial instructions for using zc.buildout for
# configuration management are available at:
# https://docs.plone.org/manage/installing/installing_addons.html
# Full details at http://pypi.python.org/pypi/zc.buildout
#
############################################


[buildout]

# buildout.sanitycheck makes sure you're not running buildout
# as root.
extensions =
    buildout.sanitycheck

############################################
# Plone Component Versions
# ------------------------
# This version of the Unified Installer has the components of Plone 5
# preloaded so that it can install without an Internet connection.
# If you want to update, uncomment the "http://..." line below,
# edit it to point to the current version URL, comment out the
# "versions.cfg" line and run "bin/buildout" while attached to the
# Internet. Generally, you only want to do that as part of a planned migration.
# Note that if you are updating components, you should also check the versions
# section at the end of this file, since recipes or components other than
# those of Zope and Plone may need updating at the same time.
#
extends =
    base.cfg
    release-5.2.1-versions.cfg
#    http://dist.plone.org/release/5.2.1/versions.cfg

# If you change your Plone version, you'll also need to update
# the repository link below.
find-links +=
    http://dist.plone.org/release/5.2.1

# This user will own the non-data parts of the installation, and should be used to
# run buildout.
buildout-user = plone_buildout
# A flag to tell the Unified Installer whether or not to document sudo use.
need-sudo = yes


############################################
# Eggs
# ----
# Add an indented line to the eggs section for any Python
# eggs or packages you wish to include in your Plone instance.
#
# Note that versions may be specified here or in the [versions]
# section below. You should always specify versions that you know
# are compatible with the Plone release and at an acceptable
# development level.
#
# If you update to a later version of Plone, remove the hotfix.
#
eggs =
    Plone
    Pillow
    Products.PloneHotfix20200121
    collective.impersonate
    collective.documentviewer
    collective.sortedcontrolpanels
    collective.pwexpiry
    Products.PloneKeywordManager
    plone.app.changeownership
    collective.easyform
    eea.facetednavigation
    plone.app.mosaic
    collective.taxonomy
    plone.app.imagecropping
    collective.z3cform.datagridfield
    collective.collectionfilter
    pas.plugins.ldap
    collective.lineage
    collective.venue
    collective.sidebar


############################################
# ZCML Slugs
# ----------
# Some eggs need ZCML slugs to tell Zope to
# use them. This is increasingly rare.
zcml =
#    plone.reload


############################################
# Development Eggs
# ----------------
# You can use paster to create "development eggs" to
# develop new products/themes. Put these in the src/
# directory.
# You will also need to add the egg names in the
# eggs section above, and may also need to add them
# to the zcml section.
#
# Provide the *paths* to the eggs you are developing here:
develop =
#    src/my.package


############################################
# var Directory
# -------------
# Sets the target directory for the "var" components of the install such as
# database and log files.
#
var-dir=${buildout:directory}/var


############################################
# Backup Directory
# ----------------
# Sets the target directory for the bin/backup and bin/snapshotbackup
# commands. Default is inside this project's var directory, but ideally
# this should be on a separate volume or backup server.
#
backups-dir=${buildout:var-dir}


############################################
# Initial User
# ------------
# This is the user id and password that will be used to create the initial
# user id that will allow you to log in and create a Plone site. This only
# sets the initial password; it will not allow you to change an already
# existing password. If you change the admin password via the web interface,
# the one below will no longer be valid.
# If you find yourself locked out of your Zope/Python installation, you may
# add an emergency user via "bin/plonectl adduser".
user=admin:*****


############################################
# Debug Options
# -------------
# Start Zope/Plone instances in "fg" mode to turn on debug mode;
# this will dramatically slow Plone.
#
# Add-on developers should turn deprecation warnings on
deprecation-warnings = off
# change verbose-security to "on" for useful security errors while developing
verbose-security = off


############################################
# Parts Specification
#--------------------
# Specifies the components that should be included in the buildout.
# Most are defined in the base.cfg extension; you may add your
# own if you need them at the end of this file.
parts =
    instance
    repozo
    backup
    zopepy
    unifiedinstaller
    precompiler
    setpermissions

############################################
# Major Parts
# ----------------------
# These common parts make use of sane base settings from
# base.cfg. To customize a part, just add whatever options
# you need. Read base.cfg for common settings.

[instance]
<= instance_base
recipe = plone.recipe.zope2instance
http-address = 8080



############################################
# Versions Specification
# ----------------------
# Version information supplied here will "pin" Python packages to a particular
# version number, even when you use the "newest" flag running buildout.
# Specifying versions for all packages is a good idea and can prevent
# accidental changes when you add new packages to your buildout.
# Note that versions specified here will override those specified earlier
# in the configuration, including those from the Plone and Zope version
# config files.
#
[versions]

buildout.sanitycheck = 1.0.2
collective.recipe.backup = 4.1.0
plone.recipe.unifiedinstaller = 5.2b1
Products.PloneHotfix20200121 = 1.1

collective.documentviewer = 6.0.0
collective.impersonate = 1.2
repoze.catalog = 0.9.0
zope.index = 5.0.0

Authomatic = 1.0.0
Products.PloneKeywordManager = 3.0.2
appy = 1.0.2
archetypes.querywidget = 1.1.3
collective.ambidexterity = 1.0
collective.collectionfilter = 3.3
collective.documentgenerator = 3.16
collective.easyform = 2.2.0
collective.eeafaceted.collectionwidget = 1.11
collective.eeafaceted.dashboard = 0.12
collective.eeafaceted.z3ctable = 2.10
collective.ifttt = 1.0.2
collective.lineage = 2.3
collective.pwexpiry = 0.15.1
collective.sidebar = 1.2.0
collective.sortedcontrolpanels = 1.0a1
collective.taxonomy = 2.0.0
collective.venue = 4.0
eea.faceted.vocabularies = 6.9
eea.facetednavigation = 13.8
eea.jquery = 11.2
imio.helpers = 0.29
imio.migrator = 1.23
node.ext.ldap = 1.0b12
node.ext.ugm = 0.9.11
pas.plugins.authomatic = 1.0b1
pas.plugins.ldap = 1.7.2
plone.app.changeownership = 1.0
plone.app.imagecropping = 2.2.2
plone.app.jquery = 1.11.2
plumber = 1.6
pyasn1 = 0.4.8
pyasn1-modules = 0.2.8
python-ldap = 3.2.0
yafowil = 2.3.3
yafowil.plone = 3.0.0

# Required by:
# collective.easyform==2.2.0
Products.validation = 2.1.2

# Required by:
# yafowil.yaml==1.3
PyYAML = 5.3.1

# Required by:
# node.ext.ldap==1.0b12
argparse = 1.4.0

# Required by:
# node.ext.ldap==1.0b12
# pas.plugins.ldap==1.7.2
bda.cache = 1.3.0

# Required by:
# collective.venue==4.0
collective.address = 1.6

# Required by:
# collective.documentgenerator==3.16
# collective.eeafaceted.collectionwidget==1.11
collective.behavior.talcondition = 0.11

# Required by:
# collective.eeafaceted.dashboard==0.12
collective.compoundcriterion = 0.4

# Required by:
# collective.documentgenerator==3.16
# collective.eeafaceted.z3ctable==2.10
collective.excelexport = 1.8.2

# Required by:
# collective.eeafaceted.dashboard==0.12
imio.prettylink = 1.16

# Required by:
# pas.plugins.ldap==1.7.2
node = 0.9.25

# Required by:
# pas.plugins.ldap==1.7.2
odict = 1.7.0

# Required by:
# node.ext.ldap==1.0b12
passlib = 1.7.2

# Required by:
# collective.documentgenerator==3.16
phonenumbers = 8.12.5

# Required by:
# archetypes.querywidget==1.1.3
plone.app.jquerytools = 1.9.5

# Required by:
# collective.address==1.6
pycountry = 19.8.18

# Required by:
# bda.cache==1.3.0
python-memcached = 1.59

# Required by:
# collective.excelexport==1.8.2
xlwt = 1.3.0

# Required by:
# pas.plugins.ldap==1.7.2
yafowil.widget.array = 1.6.1

# Required by:
# pas.plugins.ldap==1.7.2
yafowil.widget.dict = 1.7

# Required by:
# pas.plugins.ldap==1.7.2
yafowil.yaml = 1.3

# Required by:
# collective.documentgenerator==3.16
# collective.eeafaceted.z3ctable==2.10
z3c.table = 2.1.1