All geek questions in one place

Plone 4: Limiting Published Content

On a Plone 4.x installation, you can either

  • published content should be restricted to a specific user / group or
  • personal content should be displayed in the menu and look for unregistered users?

I have a client who wants to have content that can only be viewed by a specific user / group, but will be displayed in the menu or searched if he is not logged in.

What would be the best approach to achieve this functionality?

+6
source share
1 answer

You need to configure the workflow as shown below:

  • go to Zope-> portal_workflow management interface
  • Create a new state, say, β€œTrailer” (this is optional, you can set up an existing state instead ... maybe a private state would be a good option to deal with restrictions for certain users / groups)
  • Remove all permissions except "Access Content Information" from an anonymous user in this particular state.
  • Click the "Update Security Settings" button.

Done! Now all content in the Trailer state will be searchable, but will not be displayed by anonymous users.

Note. If you decide to create a new state, as I would say, be sure to add all the necessary transitions.

Edit

Unfortunately, I did not know that in recent versions of Plone, a new index appeared in the portal_catalog portal ( allowedRolesAndUsers ), which prevents the process described above from working as before. The above process is still valid, although you need to override the default index index. First create a new pasteur package using the "plone" template. Then add to the main level of the package (e.g. my.package / my / package) a file called indexers.py with this:

 from zope.interface import Interface from plone.indexer.decorator import indexer from AccessControl.PermissionRole import rolesForPermissionOn from Products.CMFCore.utils import getToolByName from Products.CMFCore.CatalogTool import _mergedLocalRoles @indexer(Interface) def allowedRolesAndUsers(obj): """Return a list of roles and users with View permission. Used by PortalCatalog to filter out items you're not allowed to see. """ allowed = {} for r in rolesForPermissionOn('Access contents information', obj): allowed[r] = 1 # shortcut roles and only index the most basic system role if the object # is viewable by either of those if 'Anonymous' in allowed: return ['Anonymous'] elif 'Authenticated' in allowed: return ['Authenticated'] localroles = {} try: acl_users = getToolByName(obj, 'acl_users', None) if acl_users is not None: localroles = acl_users._getAllLocalRoles(obj) except AttributeError: localroles = _mergedLocalRoles(obj) for user, roles in localroles.items(): for role in roles: if role in allowed: allowed['user:' + user] = 1 if 'Owner' in allowed: del allowed['Owner'] return list(allowed.keys())

and then at the same level add the overrides.zcml file with this:

 <configure xmlns="http://namespaces.zope.org/zope"> <adapter factory=".indexers.allowedRolesAndUsers" name="allowedRolesAndUsers" /> </configure>

At the end, your product tree should look like this:

 my.package/ β”œβ”€β”€ my β”‚  β”œβ”€β”€ __init__.py β”‚  └── package β”‚  β”œβ”€β”€ configure.zcml β”‚ β”œβ”€β”€ overrides.zcml β”‚ β”œβ”€β”€ indexers.py β”‚  β”œβ”€β”€ __init__.py β”‚  β”œβ”€β”€ profiles β”‚  β”‚  └── default β”‚  β”‚  └── metadata.xml β”‚  └── tests.py β”œβ”€β”€ README.txt β”œβ”€β”€ setup.cfg └── setup.py

In the latter case, you need to include the newly created egg in buildout.cfg:

 eggs = my.package develop = src/my.package

Reassembly. It's all.

+7
source

Source: https://habr.com/ru/post/910502/

More articles:


All Articles