Changelog for plone.app.workflow

    (name of developer listed in brackets)

plone.app.workflow - 1.0.8

    - Protect the "sharing" form against CSRF attacks.
      [witsch]

plone.app.workflow - 1.0.7

    - Created fine-grained permissions for delegating sharing page roles in
      order to avoid people with a delegated permission escalating their own
      privileges. This can now be controlled at a high level by the
      "Sharing page: Delegate roles" permission, which controls access to the
      Sharing page machinery, and at an individual roles basis, with 
      permissions like "Sharing page: Delegate Editor role".
      http://dev.plone.org/plone/ticket/7652

    - Stopped people from locking themselves out by disabling the ability
      to edit their own roles.

    - Added friendly "Changes saved" message.
      http://dev.plone.org/plone/ticket/6966

    - user_search_results() now searches in login name as well as fullname.
      Fixes http://dev.plone.org/plone/ticket/6853
      [erikrose]

    - Factored up the duplicated logic from user_search_results() and
      group_search_results() to form _principal_search_results().
      [erikrose]

plone.app.workflow - 0.1

    - Added missing closing head tag to sharing.pt. This closes
      http://dev.plone.org/plone/ticket/7161.
      [hannosch]

    - Initial package structure.
      [zopeskel]

