Professional Plone Development

Professional Plone Development
eBook: $23.99
Formats: PDF, PacktLib, ePub and Mobi formats
save 25%!
Print + free eBook + free PacktLib access to the book: $63.98    Print cover: $39.99
save 37%!
Free Shipping!
UK, US, Europe and selected countries in Asia.
Also available on:
Table of Contents
Sample Chapters
  • Plone development fundamentals
  • Customizing Plone
  • Developing new functionality
  • Real-world deployments


Book Details

Language : English
Paperback : 420 pages [ 235mm x 191mm ]
Release Date : September 2007
ISBN : 1847191983
ISBN 13 : 9781847191984
Author(s) : Martin Aspeli
Topics and Technologies : All Books, CMS and eCommerce, Content Management (CMS), Open Source, Plone, Python

Table of Contents

Chapter 1: Plone in Context
Chapter 2: The Case Study
Chapter 3: The Development Environment
Chapter 4: Customization Basics
Chapter 5: Developing a Site Strategy
Chapter 6: Security and Workflow
Chapter 7: Using Add-on Products
Chapter 8: Creating a Custom Theme
Chapter 9: Nine Core Concepts of Zope Programming
Chapter 10: Custom Content Types
Chapter 11: Standalone Views and Forms
Chapter 12: Relational Databases
Chapter 13: Users and Their Permissions
Chapter 14: Rich User Interfaces with KSS
Chapter 15: Next Steps
Chapter 16: Server Management
Chapter 17: Setting Up a Production Server
Chapter 18: Authenticating with LDAP
Chapter 19: Looking to the Future
  • Chapter 1: Plone in Context
    • A Brief History
    • Competition
    • Plone-the-Application and Plone-the-Framework
    • Additional Considerations when Deciding on Plone
    • Licensing
    • The Plone Community, and Why You Belong There
    • Summary
  • Chapter 3: The Development Environment
    • Prerequisites
    • Quick Start
    • Glossary
    • Creating a Zope Instance Manually
    • Understanding Eggs and Setuptools
      • Installing Eggs
    • Automating the Build Process with zc.buildout
      • Installing Paste Script and ZopeSkel
      • Creating and Customizing the Buildout
        • The Buildout Configuration File
        • The Buildout Directory
      • Avoiding Duplication between Buildouts
    • Additional Development Tools
    • Learning to Help Yourself
      • Use the Source, Luke!
      • Become Familiar with the Debugger
      • Write Tests for Everything
    • Summary
  • Chapter 4: Customization Basics
    • Persistent Settings and the ZODB
    • Configuration Using GenericSetup
      • GenericSetup and the Add/Remove Products Control Panel
    • Acquisition and Skin Layers
    • Overriding Zope 3 Components
    • Customization Best Practices
      • Using Source Control
      • Writing Tests
      • Migration of Persistent State
    • Summary
  • Chapter 5: Developing a Site Strategy
    • Creating a "Policy Product"
      • Creating an Extension Profile
      • Writing Tests for Customizations
      • Making a Change with the Extension Profile
      • Installation through the Web
    • Information Architecture
    • Summary
  • Chapter 6: Security and Workflow
    • Security Primitives
      • Users and Groups
      • Permissions
      • Roles
      • Manipulating Permissions and Roles Programmatically
    • Keeping Control with Workflow
      • Using Workflow from Python
    • Custom Workflow Installation
      • Designing a New Workflow
      • Amending the Policy Product
      • Writing the Tests
    • Protected and Trusted Code
      • Restricted Python
    • Summary
  • Chapter 8: Creating a Custom Theme
    • Background
    • The Theme Package
      • Adding a Test to the Policy Product
      • Theme Product Contents
    • Tools and Techniques
      • Building the Theme
    • Custom CSS Style Sheets
      • Using "base_properties" and DTML Variables in Style Sheets
    • Image Resources
    • Managing Viewlets
      • Defining Viewlet Managers
      • Reassigning Viewlets
      • Creating New Viewlets
    • Overriding Visual Elements
      • Templates and Other Resources in Skin Layers
      • Zope 3-Style Browser Views
      • Viewlets
      • Portlets
    • Summary
  • Chapter 9: Nine Core Concepts of Zope Programming
    • 1. Object Publishing and Traversal
      • Containment
      • Acquisition Chains
      • Path Traversal
    • 2. ZODB Persistence
      • Transactions
      • Object Persistence
    • 3. Searching Objects Using the Catalog
    • 4. Describing Functionality with Interfaces
      • Using Interfaces in Catalog Searches
    • 5. Component Configuration with ZCML
    • 6. Component Registries Using Utilities
      • Global Utilities
      • Named Utilities
      • Local Utilities
      • Tools
    • 7. Aspect-oriented Programming with Adapters
      • Multi-adapters
      • Named Adapters
      • Adapter Factories
    • 8. Views and Other Presentation Components
      • Content Providers and Viewlets
    • 9. Synchronous Events
      • Object Events
    • Summary
  • Chapter 10: Custom Content Types
    • Content-Centric Design
    • Package Layout
    • Modeling with Interfaces
    • Using the Archetypes Framework
      • Content Base Classes
      • Schemata, Fields, and Widgets
        • Vocabularies
        • Reference Fields
        • Field and Object Validation
      • The Class Generator
      • Field Properties
      • Content Security
      • Views and Browser Resources
        • Icons and Style Sheets
        • Main Content Views
        • Inline Editing
        • Edit Forms, Add Forms, and Events
      • Installing and Registering Types
        • Factories and Add Permissions
        • Registering Content Types with the Factory Tool
        • Adding Catalog Indexes and Metadata Columns
    • Installation and Configuration in the Policy Product
      • Adjusting the Security Policy
      • Adjusting Navigation Tree Properties
      • Enabling Content Object Versioning
      • Site Policy Tests
    • Functional Tests
    • Creating a New Portlet
      • Configuring and Registering New Portlet Types
      • Assigning Portlets Automatically
    • Zope 3, Formlib, and the Role of Archetypes
    • Summary
  • Chapter 11: Standalone Views and Forms
    • Pages Without a Specific Context
      • Templates in Skin Layers
      • Views Available on All Objects
      • Views on the Portal Root
      • Invoking Standalone Pages
    • Writing Custom Forms
      • Checking Form Submit Buttons
      • Form Input Converters
      • Performing Redirects
    • Automatically Generating Forms
    • The Form Controller Tool
    • Forms in Viewlets
    • Global Template Variables and Helper Views
    • Summary
  • Chapter 12: Relational Databases
    • Relational Databases vs. the ZODB
    • Modeling Screenings and Reservations
      • Screening Query and Reservation Services
    • Setting Up the Database
    • SQLAlchemy—Turning SQL Lead into Python Gold
    • Managing Database Connections
      • Making a New Plone Control Panel
    • Writing the Database Utilities
      • Database Tests
      • Querying the Database
      • Updating and Inserting Records
    • Adding the User Interface
      • Updating the Film and Cinema Views
      • Screenings and Bookings
    • Summary
  • Chapter 13: Users and Their Permissions
    • Defining a Membership Policy
      • Updating the Site Policy Product
      • Managing Member Metadata
    • Collaborative Workspaces
    • Advanced Member Management Options
      • The Pluggable Authentication Service
      • Membrane and Remember
    • Summary
  • Chapter 14: Rich User Interfaces with KSS
    • Understanding KSS
    • KSS-Enabling Film Ratings
      • The Kinetic Style Sheet
      • Page Template Markup
      • Server-Side Logic
      • Debugging KSS
      • Tests for KSS Commands
    • A Brief KSS Reference
      • Kinetic Style Sheet Syntax
        • Standard Events
        • Client-Side Actions
        • Parameter Functions
      • Server-Side Commands
      • The 'core' Command Set
      • The 'zope' Command Set
      • The 'plone' Command Set
    • KSS-Enabling the "my cinema" Functionality
    • Summary
  • Chapter 15: Next Steps
    • Our Achievements So Far
    • Additional Functionality
      • Discussion and Participation
      • Additional Reporting
      • More Advanced Ticketing
      • New Content Types
      • Internationalization
        • Translating Content
        • Translating User Interface Strings
    • Summary
  • Chapter 16: Server Management
    • Deployment Checklist
    • Zope Enterprise Objects
    • A Deployment Buildout
    • Moving the Code and Database to a Live Server
    • Zope as a Service
    • Backups and Database Maintenance
    • Summary
  • Chapter 17: Setting Up a Production Server
    • Virtual Hosting
      • Using Zope Only
      • Zope behind Apache
        • Configuring Virtual Hosting and RewriteRules in Apache
    • Caching
      • Setting Up CacheFu
        • Caching the Optilux Content Types and Views
      • Using Varnish as a Caching Reverse Proxy
        • Adjusting the Apache Configuration
        • Varnish via Buildout
      • Benchmarking
    • Summary

Martin Aspeli

Martin Aspeli is an experienced Plone consultant and a prolific Plone contributor. He served on the Framework Team for Plone 3.0, and is responsible for many new features such as the improved portlets infrastructure, the “content rules” engine, and several R&D efforts relating to Plone 4.0. He is a former leader of the Plone Documentation Team and has written a number of well-received tutorials available on He is also the author of Professional Plone Development and was recognized in 2008 by Packt Publishing as one of the “Most Valuable People” in Open source Content Management Systems.

Code Downloads

Download the code and support files for this book.

Submit Errata

Please let us know if you have found any errors not listed on this list by completing our errata submission form. Our editors will check them and add them to this list. Thank you.


- 40 submitted: last submission 13 Nov 2013

Errata type: Typo | Page number: 130

However, like the login-related templates alrealdy mentioned,.... 'alrealdy' is wrongly spelled. It should be 'already'


Errata type: Code bundle | Page number: Code bundle

Filename optilux-tetstdata.sql is misspelled. It should be optilux-testdata.sql.


Errata type: Code | Page number: 17

Missing apostrophe (') on line 3 at the end of the define procedure.


Errata type: Typo | Page number: 23

Multiplicity between Staff-Cinema should be *->*, not 1->n


Errata type: Code | Page number: 28

# python
$ easy_install ZopeSkel
should read:
# python
# easy_install ZopeSkel


Errata type: Typo | Page number: 58

Third paragraph:
"An script may contain[...]"
should read
"An script may contain[...]"


Errata type: Typo | Page number: 63

In the second paragraph a URL is cited (/some-folder/some-content/@@list-contents), but the following text has a typo: If the some-context object... The correct text would be: If the some-content object...


Errata type: Typo | Page number: 63

First line of second paragraph the URL should read like </br>/some-folder/some-context/[...] </br>as opposed to </br>/some-folder/some-content/[...] as some-context is referred to later on


Errata type: Broken Code | Page number: 66

In code example in class declaration TestDocuments in method definition testSetTitle in line:
self.assertEquals("New title", self.folder.d1.Title() assertEquals method called without close parenthesis.
The correct code is:
self.assertEquals("New title", self.folder.d1.Title())


Errata type: Code Format| Page number: 71

In "Creating an Extension Profile" the 4th line of code should be bold since it is a change (addition) to the boilerplate code. The code will not run without this addition. xmlns:genericsetup=""


Errata type: Code| Page number:72

In addition to making the "tests" directory, creating the "tests/" file to make it a module, the existing "" file should be removed.
Full sequence:
$ cd src/optilux.policy/optilux/policy
$ mkdir tests
$ touch tests/
$ rm


Errata type: Typo | Page number: 85

2nd bullet point: In the line "Quite a few permissions that normally apply to logged in uses are given to this role, ....", "uses" should be "users".


Errata type: Code| Page number: 98

The code snippet
def test_role_added(self):
self.failUnless("StaffMember", self.portal.validRoles())
should be:
def test_role_added(self):
self.failUnless("StaffMember" in self.portal.validRoles())


Errata type: Code | Page number: 98

The test condition:
self.failUnless('StaffMember', self.portal.validRoles())
should instead be written:
self.failUnless('StaffMember' in self.portal.validRoles())
The same error is in the sample code for chapter 6, and is located on line 20 of


Errata type: Typo | Page number: 99

In the first line: test_view_permisison...
should be


Errata type: Code | Page number: 99

In first line, letters are transposed.
def test_view_permisison_for_staffmember(self):
should be
def test_view_permission_for_staffmember(self):


Errata type: Technical | Page number: 106

Lines in TestSetup class code should be boldfaces, since they are insertion by the user.


Errata type: Technical | Page number: 107

Lines 7, 9, 11 of code should be commented.
Right lines will be:
# normally # Explicitly. This # enough


Errata type: Code | Page number:110

Code formatting:
should be bold faced.


Errata type: Code | Page number: 113

Code for should use the same functions as in previos listings: ztc.installPackage instead of ztc.installProduct with package option


Errata type: Code | Page number: 113

ztc.installProduct('optilux.policy', package=True)
ztc.installProduct('optilux.theme', package=True)
should read:


Errata type: Typo | Page number: 114

In the first bullet, 'profile.zcml' should be 'profiles.zcml' (plural).


Errata type: Typo | Page number: 128

In the second bullet '/@manage-viewlets' should be '/@@manage-viewlets'


Errata type: Typo | Page number: 128

In the last paragraph, first parenthetical statement, there is an "@" missing. Should read: ...URL as/@@manage-viewlets).


Errata type: Typo | Page number: 144

In second paragraph AFTER the NOTES block, the attribute isPrinicipiaFolderis should be isPrincipiaFolderish.


Errata type: Typo | Page number: 176

Second sentence in first paragraph in 8 section (Views and Other Presentation Components) contains word 'outlned' instead of outlined.


Errata type: Code| Page number: 184

middle of page, last sentence of paragraph under last code example: ".. event.event will be the same." should be ".. event.object will be the same."


Errata type: Typo | Page number: 188

Last sentence on the page should read: When we connect cinemas and films to the external database system that manages film showings and custom bookings, these will act as keys in its tables. "that" is missing in this sentence


Errata type: Technical | Page number: 194

the url for the archetypes reference manual should be:


Errata type: Typo | Page number: 195

first paragraph, first sentence: "..all importable form..." should be "... all importable from..."


Errata type: Broken Code | Page number: 202

For this errata, please refer to the Free Online Edition page of this book here:


Errata type: Broken Code | Page number: 204

In 'Field and Object Validation' section third paragraph's second sentence: 'It is not very hard to register your own generic validators - see Products.ATContentTypes.validators for several examples ...' path to 'validators' module is good for importing but actually validators code lives in 'Products.ATContentTypes.lib.validators'. The correct line should be: - see Products.ATContentTypes.lib.validators


Errata type: Typo | Page number: 224

At the end of the first paragraph, the file is not "workflow.xml" but "workflows.xml".


Errata type: Broken Code | Page number: 229

Third piece of code first line: >>> from Products.PloneTestCase.setup import portal_owner from word 'from' should begin second line of session.


Errata type: Typo | Page number: 242

Typo in third paragraph first sentence: 'The code in is similar to thaat of the other views in the browser sub-package:...'. Mistake in word 'thaat', double 'a'.


Errata type: Typo | Page number: 258

In the last paragraph, it's written: plone_form_scipts instead of plone_form_scripts. 'r' is missing.


Errata type: Typo | Page number: 350

First, notice that that this buildout configuration extends the default configuration, which means that buildout will treat values in that file.... "notice that that this" should be "notice that this"


Errata type: Typo | Page number: 10

Currently he works is an independent consultant, specializing in Zope and Plone. 'is' should be replaced by 'as' as follows:
Currently he works as an independent consultant, specializing in Zope and Plone.


Errata type: Technical | Page number: 28

You should not be root when running paster if you don't intend to be root when running Zope, and if you are running Zope as root, you need to set an effective-user.


Errata type: Code | Page number: 67

value = getattr(self, '_val', None)
should be:
old_val = getattr(self, '_val', None)


Sample chapters

You can view our sample chapters and prefaces of this title on PacktLib or download sample chapters in PDF format.

Frequently bought together

Professional Plone Development +    eZ Publish 4: Enterprise Web Sites Step-by-Step =
50% Off
the second eBook
Price for both: £23.65

Buy both these recommended eBooks together and get 50% off the cheapest eBook.

What you will learn from this book

You will gain an in-depth understanding of the concepts that underpin successful Plone development, including:

  • How to set up a suitable development environment
  • The importance of automated testing of any code you write
  • How to perform Plone customizations in a manageable, re-usable fashion
  • Techniques for branding Plone and changing its look and feel
  • How to safely install and manage third-party add-on components
  • How to create your own content types
  • How to create new forms and templates
  • Ways of interacting with external relational databases
  • Techniques for managing users and custom user metadata
  • Using Plone’s new AJAX framework to build dynamic user interfaces
  • How to set up Zope and Plone in a production environment
  • How to connect to an LDAP/Active Directory repository for authentication
  • How to configure a caching proxy to improve Plone's performance

Throughout the chapters, there is an emphasis on demonstrating key concepts with practical examples. The reader should be able to borrow from the examples to get up and running quickly, but refer to the explanations provided to fully appreciate what is going on under the hood.

In Detail

Plone is an open-source content management framework, built on the top of the Zope application server and written in Python. As a ready-to-use Content Management System with a focus on usability, Plone makes it easy for content authors to create and edit web content.

Plone is also used by developers, as a framework for building content-centric web applications such as dynamic websites and intranets. This book focuses primarily on the developer-oriented aspect of Plone.

This book aims to teach best practices of Plone development, focusing on Plone 3.0. It covers setting up a suitable development environment, customizing Plone’s look and feel, creating new content types and forms, connecting to external databases, and managing users and groups intelligently. It also shows how to configure a production-ready server, with LDAP authentication and caching.

Book Reviews

Slashdot: "There's a great deal to like about this book. The author clearly possesses the expertise and experience needed for providing instruction on a challenging topic such as this. His explanations are not abbreviated, as seen in so many other technical monographs. Furthermore, most programmers learn best by viewing and mentally dissecting sample code. For such people, Martin Aspeli's practical approach — focusing on a substantial sample application — will prove more engaging and instructive than the made-up and oftentimes overly simplistic examples found in many computer programming books — including the increasingly popular cookbook titles." -- Michael J. Ross, Web Developer,

Vitaliy Podoba: "our programmers have gained a lot of relevant information. And there is a countless number of examples that can be provided here. They will definitely get even more trying all described in the book in practice working in Plone 3.0. "

David Handy: "Aspeli is good not just for facts but recommended best practices. So far I am in complete agreement with his philosophies. And especially, I am verypleased for once to be reading relevant, up to date material!"

Visit the Free Online Edition: for a full Table of Contents and summaries from each chapter.


The book takes a pragmatic approach, building a realistic example application based on a case study. The code for this application is included with the book, and should serve as a useful starting point and source of examples for the reader.

Who this book is for

This book is aimed at developers who want to build content-centric web applications leveraging Plone’s proven user interface and flexible infrastructure.

Some familiarity with the Python programming language and basic web technologies such as HTML and CSS is assumed. Readers would also benefit from some prior experience with Zope or Plone, for example as site administrators or “power users”.

Professional Plone Development


Code Download and Errata
Packt Anytime, Anywhere
Register Books
Print Upgrades
eBook Downloads
Video Support
Contact Us
Awards Voting Nominations Previous Winners
Judges Open Source CMS Hall Of Fame CMS Most Promising Open Source Project Open Source E-Commerce Applications Open Source JavaScript Library Open Source Graphics Software
Open Source CMS Hall Of Fame CMS Most Promising Open Source Project Open Source E-Commerce Applications Open Source JavaScript Library Open Source Graphics Software