Index: openacs-4/packages/file-storage/www/doc/design.adp
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/file-storage/www/doc/design.adp,v
diff -u -r1.1.2.3 -r1.1.2.4
--- openacs-4/packages/file-storage/www/doc/design.adp	9 Jun 2016 13:03:12 -0000	1.1.2.3
+++ openacs-4/packages/file-storage/www/doc/design.adp	3 Jul 2016 18:15:32 -0000	1.1.2.4
@@ -29,8 +29,8 @@
 any risk that a cracker-uploaded file will be executed as code</li><li>Retrieve historical versions of a file</li>
 </ul>
 <p>We want something that is relatively secure, and can be extended
-and maintained by any ArsDigita programmer, <em>i.e.</em>, something
-that requires only AOLserver Tcl and Oracle skills.</p>
+and maintained by any ArsDigita programmer, <em>i.e.</em>,
+something that requires only AOLserver Tcl and Oracle skills.</p>
 <p>In ACS 4, File Storage can be implemented on top of the Content
 Repository. Thus, there is no data model associated with File
 Storage. It is only a UI and a small set of Tcl and PL/SQL library
@@ -50,7 +50,7 @@
 and passwords are transmitted in the clear. A cracker might sniff a
 password, upload Perl scripts or ADP pages, then grab those URLs
 from a Web browser. The cracker is now executing arbitrary code on
-your server with all the privileges that you've given your Web
+your server with all the privileges that you&#39;ve given your Web
 server.</p>
 <p>The File Storage application is not a web-based file system, and
 can not be fairly compared against such systems. The role of File
@@ -65,9 +65,9 @@
 trees.) The reasons for this were to simplify the code and the user
 experience. However, this system actually caused some confusion
 (<em>e.g.</em>, explicitly granting permission to an outsider on a
-file in a group's private tree did not actually give that person
-access to the file) and was not as flexible as people desired. The
-ACS 4 version includes folder read, write and delete
+file in a group&#39;s private tree did not actually give that
+person access to the file) and was not as flexible as people
+desired. The ACS 4 version includes folder read, write and delete
 permissions.</p>
 <p>Note that this can create some funny results. For example, a
 user might have write permission on a folder, but not on some of
@@ -76,27 +76,28 @@
 <h4>Deletion of Files</h4>
 <p>Previous versions of File Storage allowed only administrators to
 actually delete content (although users could mark content as
-"deleted" using a toggle in the data model, deleted_p.) However,
-the proper use of versioning should allow users to avoid
+"deleted" using a toggle in the data model, deleted_p.)
+However, the proper use of versioning should allow users to avoid
 accidentally losing their files. So, in this version, if a person
 asks to delete a version or a file, we really delete it.</p>
 <h4>Use of Content Repository</h4>
 <p>Basing this system on the Content Repository provides a wealth
 of useful functionality for File Storage with no additional
 development costs. However, it may also constrain the system
 somewhat.</p>
-<p>The Content Repository's datamodel has been extended to include
-an attibute to store the filesize. Unfortunately, the Content
-Repository does not automatically do this, since files may be
-stored on the filesystem (the Content Repository thus serving as a
-catalog to keep track of file location and some metadata, but not
+<p>The Content Repository&#39;s datamodel has been extended to
+include an attibute to store the filesize. Unfortunately, the
+Content Repository does not automatically do this, since files may
+be stored on the filesystem (the Content Repository thus serving as
+a catalog to keep track of file location and some metadata, but not
 the filesize). The filesize is therefore calculated whenever a file
 is inserted in the Content Repository by the external program (the
-webserver's database driver) doing the insertion into the
+webserver&#39;s database driver) doing the insertion into the
 database..</p>
-<p>The content_revision is subtyped as a "file-storage-item" to
-allow site-wide search to distinguish file storage objects in its
-search results. This feature is not implemented yet, however.</p>
+<p>The content_revision is subtyped as a
+"file-storage-item" to allow site-wide search to
+distinguish file storage objects in its search results. This
+feature is not implemented yet, however.</p>
 <h4>Permissions Design</h4>
 <p>Permissions were chosen to make as much use as possible of the
 predefined privileges while keeping the connotative value of each
@@ -134,31 +135,34 @@
 this is to abstract from the Content Repository datamodel and
 naming conventions, due to the different way File Storage labels
 its objects.</p>
-<p>The main objects of File Storage are "folders" and "files". A
-"folder" is analogous to a subdirectory in the Unix/Windows-world
-filesystem. Folder objects are stored as Content Repostory folders,
-thus folders are stored "as is" in the Content Repository.</p>
-<p>"Files", however, can cause some confusion when stored in the
-Content Repository. A "file" in File Storage consists of meta-data,
-and possibly multiple versions of the file's contents. The main
-meta-data of a "file" is its "title", which is stored in the
-Content Repository's "name" attribute of the cr_items table. The
-"title" of a file should be unique within a subdirectory, although
-a directory may contain a file and a folder with the same
-"title".</p>
+<p>The main objects of File Storage are "folders" and
+"files". A "folder" is analogous to a
+subdirectory in the Unix/Windows-world filesystem. Folder objects
+are stored as Content Repostory folders, thus folders are stored
+"as is" in the Content Repository.</p>
+<p>"Files", however, can cause some confusion when stored
+in the Content Repository. A "file" in File Storage
+consists of meta-data, and possibly multiple versions of the
+file&#39;s contents. The main meta-data of a "file" is
+its "title", which is stored in the Content
+Repository&#39;s "name" attribute of the cr_items table.
+The "title" of a file should be unique within a
+subdirectory, although a directory may contain a file and a folder
+with the same "title".</p>
 <p>Each version of a file is stored as a revision in cr_revisions
 table of Content Repository. The Content Repository also allows
 some meta-data about a version to be stored in this table, and
 indeed File Storage uses attributes of the cr_revisions table are
 used. However, this is where the confusion is created. The name of
-the filename uploaded from the client's computer, as a version of
-the file, is stored in the "title" attribute of cr_revisions. Note
-that "title" is also used as the (unique within a folder)
-identifier of the file stored in cr_items. Thus, wrappers to the
-Content Repository API makes sure that the naming convention is
-corect: cr_items.name attribute stores the title of a file and all
-its versions, while the cr_revisions.title attribute stores the
-filename of the version uploaded into the Content Repository.</p>
+the filename uploaded from the client&#39;s computer, as a version
+of the file, is stored in the "title" attribute of
+cr_revisions. Note that "title" is also used as the
+(unique within a folder) identifier of the file stored in cr_items.
+Thus, wrappers to the Content Repository API makes sure that the
+naming convention is corect: cr_items.name attribute stores the
+title of a file and all its versions, while the cr_revisions.title
+attribute stores the filename of the version uploaded into the
+Content Repository.</p>
 <p>Meta-data about a version of a file stored in Content Repository
 are the size of the version (stored in cr_revisions.content_length)
 and version notes (stored in cr_revisions.description).</p>
@@ -205,7 +209,7 @@
 </pre><blockquote>Sends the requested file to the user. Note that the
 path has the original file name, so the browser will have a
 sensible name if you save the file. Version downloads are supported
-by looking for the form variable version_id. We don't actually
+by looking for the form variable version_id. We don&#39;t actually
 check that the version_id matches the path, we just serve it up.
 <dl>
 <dt><strong>Parameters:</strong></dt><dd>
@@ -280,45 +284,46 @@
 <p>Inserting a row into the table fs_root_folders occurs the first
 time the package instance is visited. The reason is that there is
 no facility in APM to insert a row in the database everytime a
-package instance is created (technically, there is no "on insert"
-trigger imposed by APM on Content Repository, since they are
-separate packages even though they are both part of the core). The
-solution to this deficiency is a bit hack-ish, but seems to be the
-only solution available (unless APM allows trigger functions to be
-registered, to be caled at package instance creation). Whenever the
-package instance is first visited, it calls a PL/SQL function that
-calculated the "root folder" of the File Storage. If this function
-detects that there is no "root folder" yet for this instance (as
-would be the case when the instance is first visited), it inserts
-the package id and a unique folder_id into the fs_root_folder table
-to serve as the root folder identifier. It also inserts meta-data
-information about this folder in cr_items table. Finally, it
-returns the newly created folder identifier as the root folder for
-this package instance. Subsequent visits to the package instance
-will detect the root folder, and will then return the root folder
-identifier.</p>
-<p>There is an "on delete cascade" constraint imposed on the
-package_id attribute of fs_root_folders. The reason for this is
+package instance is created (technically, there is no "on
+insert" trigger imposed by APM on Content Repository, since
+they are separate packages even though they are both part of the
+core). The solution to this deficiency is a bit hack-ish, but seems
+to be the only solution available (unless APM allows trigger
+functions to be registered, to be caled at package instance
+creation). Whenever the package instance is first visited, it calls
+a PL/SQL function that calculated the "root folder" of
+the File Storage. If this function detects that there is no
+"root folder" yet for this instance (as would be the case
+when the instance is first visited), it inserts the package id and
+a unique folder_id into the fs_root_folder table to serve as the
+root folder identifier. It also inserts meta-data information about
+this folder in cr_items table. Finally, it returns the newly
+created folder identifier as the root folder for this package
+instance. Subsequent visits to the package instance will detect the
+root folder, and will then return the root folder identifier.</p>
+<p>There is an "on delete cascade" constraint imposed on
+the package_id attribute of fs_root_folders. The reason for this is
 that whenever the package instance is deleted by the site
 administrator, it automatically deletes the mapping between APM and
 the Content Repository (i.e, the package identifier and the root
 folder identified), and presumably the particular instance of File
 Storage. Unfortunately this has an undesirable effect. There is no
-corresponding "on delete cascade" on the Content Repository objects
-so that deleting the root folder will cause deletion of everything
-under the root folder. Left on its own, the "on delete cascade" on
-the package identifier attribute of fs_root_folders will cause all
-objects belonging to the instance of File Storage deleted to be
-orphaned in the database, since the root folder is the crucial link
-from which all content is referenced!</p>
-<p>The solution is (hopefully) more elegant: an "before on delete"
-trigger that first cleans up all contents under the root folder
-identifier before the root folder identifier is deleted by APM.
-This trigger walks through all the contents of the instance of File
-Storage, and starts deleting from the "leaves" or end nodes of the
-file tree up to the root folder. Later improvements in Content
-Repository will allow archiving of the contents instaed of actually
-deleting them from the database.</p>
+corresponding "on delete cascade" on the Content
+Repository objects so that deleting the root folder will cause
+deletion of everything under the root folder. Left on its own, the
+"on delete cascade" on the package identifier attribute
+of fs_root_folders will cause all objects belonging to the instance
+of File Storage deleted to be orphaned in the database, since the
+root folder is the crucial link from which all content is
+referenced!</p>
+<p>The solution is (hopefully) more elegant: an "before on
+delete" trigger that first cleans up all contents under the
+root folder identifier before the root folder identifier is deleted
+by APM. This trigger walks through all the contents of the instance
+of File Storage, and starts deleting from the "leaves" or
+end nodes of the file tree up to the root folder. Later
+improvements in Content Repository will allow archiving of the
+contents instaed of actually deleting them from the database.</p>
 <h3>VIII. User Interface</h3>
 <p>The user interface attempts to replicate the file system
 metaphors familiar to most computer users, with folders containing
@@ -333,15 +338,15 @@
 Storage. The first parameter <em>MaximumFileSize</em> is the
 maximum size of uploaded files, which should be self-explanatory.
 The other parameter is a flag that indicates to the package whether
-files are stored in the database or in the webserver's filesystem.
-This second parameter <em>StoreFilesInDatabaseP</em> uses the new
-capability in Content Repository to use the Content Repository as a
-mere catalog to store file information while the actual file
-contents are stored in the webserver's filesystem. Note that when
-files are stored in the filesystem, backups of the database will
-only store the catalog, but not the contents. Thus, it is important
-for the site administrator to store the entire directory containing
-the Content Repository files (in particular,
+files are stored in the database or in the webserver&#39;s
+filesystem. This second parameter <em>StoreFilesInDatabaseP</em>
+uses the new capability in Content Repository to use the Content
+Repository as a mere catalog to store file information while the
+actual file contents are stored in the webserver&#39;s filesystem.
+Note that when files are stored in the filesystem, backups of the
+database will only store the catalog, but not the contents. Thus,
+it is important for the site administrator to store the entire
+directory containing the Content Repository files (in particular,
 <em>pageroot</em>/content-repository-content-files) when storing
 files in the fiesystem.</p>
 <p>When a file is stored in the Content Repository, it first
@@ -375,11 +380,11 @@
 that actually serves the files after you create a new site-node.
 This is similar to the previous issue and will probably be dealt
 with similarly.</li><li>We automatically add MIME types to <code>cr_mime_types</code>
-if they aren't there already. However, we don't currently have a
-way of entering the description at the same time, so we have to
-display "application/msword" instead of "MS Word Document", for
-example. We could use a method of determining the canonical long
-form of a MIME type.</li>
+if they aren&#39;t there already. However, we don&#39;t currently
+have a way of entering the description at the same time, so we have
+to display "application/msword" instead of "MS Word
+Document", for example. We could use a method of determining
+the canonical long form of a MIME type.</li>
 </ul>
 <h3>XI. Authors</h3>
 <ul><li>System creator:<br>
Index: openacs-4/packages/file-storage/www/doc/requirements.adp
===================================================================
RCS file: /usr/local/cvsroot/openacs-4/packages/file-storage/www/doc/requirements.adp,v
diff -u -r1.1.2.4 -r1.1.2.5
--- openacs-4/packages/file-storage/www/doc/requirements.adp	9 Jun 2016 13:03:12 -0000	1.1.2.4
+++ openacs-4/packages/file-storage/www/doc/requirements.adp	3 Jul 2016 18:15:32 -0000	1.1.2.5
@@ -20,26 +20,28 @@
 determine which individuals or groups should be allowed to read
 particular items and who should be allowed to upload new
 versions.</p>
-<p>Since information is only useful if you can find what you're
+<p>Since information is only useful if you can find what you&#39;re
 looking for, files in the file storage system should be searchable,
 both from within the application and through any site-wide search
 facilities.</p>
 <h3>III. System/Application Overview</h3>
 <p>The File-Storage application will consist primarily of a user
 interface that allows individuals to manage their file-storage
-folder(s) and to see other people's publicly accessible files.</p>
+folder(s) and to see other people&#39;s publicly accessible
+files.</p>
 <h3>IV. Use Case and User Scenarios</h3>
 <h4>Using File-Storage to Run a Project</h4>
-<p>In the course of her job at Acme Publishing Company, <strong>Ursula
-User</strong> is working with people from several different offices with
-whom she needs to exchange pictures and Excel spreadsheets
-detailing cost estimates, and collaboratively write contracts using
-Word. At any time, she and the other people she works with need to
-be able to find the current copy of each of these documents - and
-be able to look at older versions if need be to track the evolution
-of the project. If the project is large, Ursula will also need to
-be able to find all the documents pertaining to a particular issue
-- so she will need a full-text search feature.</p>
+<p>In the course of her job at Acme Publishing Company,
+<strong>Ursula User</strong> is working with people from several
+different offices with whom she needs to exchange pictures and
+Excel spreadsheets detailing cost estimates, and collaboratively
+write contracts using Word. At any time, she and the other people
+she works with need to be able to find the current copy of each of
+these documents - and be able to look at older versions if need be
+to track the evolution of the project. If the project is large,
+Ursula will also need to be able to find all the documents
+pertaining to a particular issue - so she will need a full-text
+search feature.</p>
 <p>For each project, Ursula makes a folder on the file-storage
 system and gives read, write, and edit permission to the group of
 people she is working with for that project. Then she makes
@@ -53,22 +55,22 @@
 outside the group their opinion so she gives them read access to
 just one version of a file so that they can download it and take a
 look. Sometimes production tasks change; if so, Ursula can
-rearrange the project's sub-folder hierarchy to make it more
+rearrange the project&#39;s sub-folder hierarchy to make it more
 closely reflect the new organizational scheme. When a project is
 completed, if Ursula is considerate of the maintainers of the site
 and of other users, she will clean-up after herself, downloading
 the canonical version of all the documents to her local machine and
 deleting the files from the server.</p>
 <h4>Administer File-Storage</h4>
 <p>
-<strong>Annie Admin</strong> primarily has the job of periodically
-cleaning up after users. If disk space is tight on the server, she
-may want to look for files that haven't been accessed in a long
-time and either encourage the owners of those files to delete
-anything they don't need on the server anymore or delete files
-herself if the user can't be contacted or is unresponsive.
-Depending on the precise permissions implementation, Annie may
-occasionally need to intercede when the owner of a file
+<strong>Annie Admin</strong> primarily has the job of
+periodically cleaning up after users. If disk space is tight on the
+server, she may want to look for files that haven&#39;t been
+accessed in a long time and either encourage the owners of those
+files to delete anything they don&#39;t need on the server anymore
+or delete files herself if the user can&#39;t be contacted or is
+unresponsive. Depending on the precise permissions implementation,
+Annie may occasionally need to intercede when the owner of a file
 accidentally revokes their own permission to access the file.</p>
 <h3>V. Related Links</h3>
 <ul>
@@ -77,58 +79,62 @@
 <h3>VI.A. Requirements: Data Model</h3>
 <p><strong>10 The Data Model</strong></p>
 <p>
-<strong>10.1</strong> each file should have a unique identifier</p>
-<p>
-<strong>10.2</strong> each version of a file should have a unique
+<strong>10.1</strong> each file should have a unique
 identifier</p>
 <p>
-<strong>10.3</strong> each file should have an associated owner</p>
+<strong>10.2</strong> each version of a file should have a
+unique identifier</p>
 <p>
-<strong>10.4</strong> each version should have an associated owner</p>
+<strong>10.3</strong> each file should have an associated
+owner</p>
 <p>
-<strong>10.5</strong> files will be organized in a hierarchical set of
-folders</p>
+<strong>10.4</strong> each version should have an associated
+owner</p>
 <p>
-<strong>10.6</strong> each version of each file will have individual read,
-write, delete, comment, and administer permissions associated with
-it</p>
+<strong>10.5</strong> files will be organized in a hierarchical
+set of folders</p>
+<p>
+<strong>10.6</strong> each version of each file will have
+individual read, write, delete, comment, and administer permissions
+associated with it</p>
 <h3>VI.B. Requirements: Administrator Interface</h3>
 <p><strong>20 Administrator Interface</strong></p>
 <p>
-<strong>20.1</strong> the administrator should be able to view all files
-in the file-storage system</p>
+<strong>20.1</strong> the administrator should be able to view
+all files in the file-storage system</p>
 <p>
-<strong>20.2</strong> the administrator should be able to edit, delete, or
-alter permissions for any file belonging to any user</p>
+<strong>20.2</strong> the administrator should be able to edit,
+delete, or alter permissions for any file belonging to any user</p>
 <h3>VI.C. Requirements: User Interface</h3>
 <p><strong>30 User Interface</strong></p>
 <p>
-<strong>30.1</strong> a user should be able to create folders and
-subfolders in which he can place his files</p>
+<strong>30.1</strong> a user should be able to create folders
+and subfolders in which he can place his files</p>
 <p>
-<strong>30.2</strong> a user should be able to add new files and new
-versions of files</p>
+<strong>30.2</strong> a user should be able to add new files and
+new versions of files</p>
 <p>
-<strong>30.3</strong> a user should be able to move files to different
-folders or sub-folders</p>
+<strong>30.3</strong> a user should be able to move files to
+different folders or sub-folders</p>
 <p>
-<strong>30.4</strong> a user should be able to delete folders and
-individual files</p>
+<strong>30.4</strong> a user should be able to delete folders
+and individual files</p>
 <p>
-<strong>30.5</strong> a user should be able to specify permissions for any
-user or group on any folder, file, or version.</p>
+<strong>30.5</strong> a user should be able to specify
+permissions for any user or group on any folder, file, or
+version.</p>
 <p>
-<strong>30.6</strong> a user should be able to download any version which
-is accessible to him</p>
+<strong>30.6</strong> a user should be able to download any
+version which is accessible to him</p>
 <p>
-<strong>30.7</strong> a user should be able to view and/or edit other
-user's files if the user has been granted individual or group
-permission with access to the files</p>
+<strong>30.7</strong> a user should be able to view and/or edit
+other user&#39;s files if the user has been granted individual or
+group permission with access to the files</p>
 <p>
-<strong>30.8</strong> a user should be able to search the text of the
-documents stored in the file-storage system (requires full-text
-search capability from the database - in the case of Oracle,
-requires InterMedia)</p>
+<strong>30.8</strong> a user should be able to search the text
+of the documents stored in the file-storage system (requires
+full-text search capability from the database - in the case of
+Oracle, requires InterMedia)</p>
 <h3>VII. Revision History</h3>
 <table cellpadding="2" cellspacing="2" width="90%" bgcolor="#EFEFEF">
 <tr bgcolor="#E0E0E0">