How a case and its case items are persisted is configurable. The framework offers 2 policies:
hierachicalCasepolicy persists all the items of a case under the case. It makes the creation of the user interface simpler as it can use Nuxeo's default way to show documents and to browse the item hierarchy. We recommend this policy for case management applications where case items have to be hierarchichal and where one case item can be found in only one case. This policy is used in the default application shipped with Nuxeo CMF.
SingleCaseItempolicy persists all the items outside the case. It allows to have the same items in different cases. We recommend this policy when users can create a case from existing items. This policy is used in the Correspondence application.
In Nuxeo CMF, everything is a Nuxeo document. Nuxeo CMF uses the following document types: Case (green rectangle), CaseItem (blue rectangle), Mailbox ( alias a CaseFolder) (white rectangle) and CaseLink (grey rectangle).
In this diagram, there are 3 Cases:
- Case 1 has 1 case item (CaseItem x) and is in MailboxA .
- Case 2 has 2 case items (CaseItem y and z) and is in Mailbox A, B and P.
- Case 3 has 2 case items (CaseItem z and t) and is in Mailbox B.
This shows some importants concepts about Nuxeo Case Management Framework:
- Mailboxes are folderish and can contain CaseLinks.
- The object in a Mailbox is a simple document (CaseLink). Sending a Case to a Mailbox only creates a CaseLink document: we do not copy the Case and its CaseItems in the Mailbox.
- Cases hold only references to CaseItems (not shown in this diagram is the fact that CaseItems are ordered inside a case) - we do not copy CaseItems inside Cases.
- Cases and CaseItems are not children of a Mailbox. This will have an impact on security.
Nuxeo CMF uses two hierarchies of documents to store content: Mailboxes are stored in one, and Cases and CaseItems in the other. Those two hierarchies can be placed side by side with the other usual roots (Workspaces, Sections and Templates).
The diagram above provides a hierarchical representation of the items listed in the previous diagram (the one with rectangles). Case 1 and CaseItem x were created on the 18th of October 2009. The other cases and case items on the 19th.
CaseRoot is used to store CaseItems and Cases documents. They are created in a “yyyy/mm/dd” hierarchy corresponding to their creation date, so that not too many documents are stored in the same folder. This hierarchy does not have any other functional purpose. By default, only administrators can access it. Rights on CaseItems and Cases will be set automatically by the distribution service.
MailboxRoot is used to store all Mailboxes (personal, generic)... By default, only administrators have access to it. Rights on Mailboxes are handled automatically by the system (to give access rights to the delegates of the Mailbox for instance).
This policy persists Cases the same way that the
SingleCaseItem policy. It persists CaseItems under Cases in the repository.
Documents and envelopes
Documents can be accessed outside the context of a case, but they need to be sent/received through a case, which is the main entry when clicking on a received document.
Cases reference documents stored in them by storing target document IDs in a string list in its schema.
If other metadata need to be involved (a comment stating who added a document to the envelope, for instance), it would have to be duplicated in a custom complex schema, and synchronization between both fields should be possible through event listeners.
CaseItems and Cases live in a different hierarchy than Mailboxes. The standard security principle are still applied too each document, however we need to be able to set the security depending on the folder the Case/CaseItem is in.
This is done in 2 steps:
- When a Case/a Case Item is created and distributed, a new ACE is added to the document with a group name of "mailbox_<MAILBOX_NAME>" for each mailbox the document is in. When the document is added/removed from a Mailbox, this ACE is added/removed.
- When a user logs in, the set of Mailboxes he can access is computed. Each one is added to the list of groups the user belongs to with the "mailbox_" prefix.
The setting of ACE is done using a listener. The setting of groups is done using the computed group extension point.
The normal Nuxeo security still applies to documents, and administrators can access the right management tab and give/remove access to the document to users and groups. The mailbox specific rights are not shown in that tab.