This describes architecture .

The Problem

Right now "closed" projects cannot be viewed in any way unless you are member of the project.  Additionally we want to take it a bit further, and make (optionally) closed projects invisible, so until you are authenticated you cannot even tell they exist.

This is relatively straight-forward in Zope, where permissions can be widely and hierarchically applied.  Currently all closed projects give "unauthorized" errors, but that needs to be changed to "Not Found".  However, this does not apply to other projects.

The Solution

At the Deliverance level we determine the project (to identify the theme).  Near that level we also need to make projects invisible.  We'll have to have some (very heavily cached) way to query Zope about projects from that layer, determining if the project is closed/invisible.  If it is, and the user is not a member, the request should be blocked early.

We must be careful that the Not Found message does not itself identify the project as being invisible.  At this same level we should block projects that aren't found.

It's not clear if this is a 1.0 feature.

This interacts with subprojects+ as we aren't doing anything to identify subprojects in Deliverance currently (and subprojects are often closed when their parent project is not).