All geek questions in one place

View permission to check registered members

I would like to restrict the presentation at the root of the Plone site to registered members only.

What permission should I check?

For clarification, I would like to use this permission as a configuration of the Zope 3 look and have something that works by default. I do not want to create and assign authorization credentials myself if I can avoid the situation.

+4
source share
2 answers

In Plone promotions, authenticated but not anonymous users can change their own password. You can use this permission. It is called:

cmf.SetOwnPassword

+4
source

There is no “authenticated” permission, all permissions are intended only for certain actions, and if an authenticated user should be able to perform this action, you must assign the corresponding permission to the “Authenticated” role.

To get a quick list of string (Zope2) permissions for the Authenticated role, use the following ZMI view:

http://localhost:8080/Plone/manage_roleForm?role_to_manage=Authenticated

where I assume that you launched your site on port 8080 and you named the Plone Plone object. It shows all permissions in the list with several favorites currently activated.

On the default site, this list is rather scarce, only Set own password , Set own properties and Use external editor are assigned. For the first two, Zope3 equivalents are defined in Products.CMFCore ; they are cmf.SetOwnPassword and cmf.SetOwnProperties ; the third one does not have the equivalent of Zope3 at the moment, but it will be easy to determine, just add it to the ZCML file somewhere:

 <permission id="plone.UseExternalEditor" title="Use external editor" />

Zope3 permissions are just aliases for their Zope2 counterparts using valid python identifiers.

I really don’t know what you want to do with your view, but it’s best to either find the appropriate permission, or assign it the role of “Authenticated”, or create a new permission.

The latter is really simple.

Let's say I want to create the permission "Access foo bar", I just register it directly with the Zope3 ID in the ZCML file:

 <permission id="foobar.AccessFooBar" title="Access foo bar" />

That is all that is needed; now in ZMI the permission "Access to foo bar" will now be available.

If you want to grant this permission to specific roles by default, list them as contained elements:

 <permission id="foobar.AccessFooBar" title="Access foo bar"> <role name="Authenticated" /> </permission>

This only works for "global" roles (defined in the root of Zope), such as "Manager", "Anonymous" and "Authenticated".

If necessary, list it in the GenericSetup profile using the rolemap.xml file to assign this new permission to the validated role:

 <?xml version="1.0"?> <rolemap> <permissions> <permission name="Access foo bar" acquire="False"> <role name="Authenticated"/> </permission> </permissions> </rolemap>

You will need to use the latter only if you want to assign permissions defined at the Plone level, such as "Site Administrator" or "Editor."

+8
source

Source: https://habr.com/ru/post/1416142/

More articles:


All Articles