Plone 4:限制发布的内容 [英] Plone 4: restricting published content
问题描述
在Plone 4.x安装中,可以
On a Plone 4.x install, can either
- 发布的内容仅限于某个用户/组或
- 使私人内容显示在菜单中并搜索未登录的用户吗?
我有一个客户希望拥有只能由特定用户/组查看的内容,但是将在菜单中显示或在未登录时进行搜索.
I have a customer who wants to be able to have content that can only be viewed by a certain user/group, but will show up in a menu or search when not logged in.
实现此功能的最佳方法是什么?
What would be the best approach for achieving this functionality?
推荐答案
您将必须按以下方式自定义您的工作流程:
You'll have to customize your workflow as below:
- 转到Zope管理界面-> portal_workflow
- 创建一个新状态,比如说预告片"(这是可选的,您可以自定义现有状态...也许私有状态对于处理特定用户/组的限制是个不错的选择)
- 从处于该特定状态的匿名用户中删除除访问内容信息"之外的所有权限
- 按下更新安全设置"按钮
完成! 现在,处于预告片"状态的所有内容都可以被匿名用户搜索但不能查看.
Done! Now all contents in the "Trailer" state will be searchable but not viewable by anonymous users.
注意:如果您按照我的建议选择创建新状态,请确保也添加所有需要的转换.
Note: if you choose to create a new state, as I'd suggest, be sure to add all needed transitions too.
修改:
不幸的是,我不知道在最新的Plone版本中,portal_catalog中有一个新索引(创建一个新程序包使用克隆"模板粘贴.然后在软件包的主要层级(例如my.package/my/package)中添加一个名为indexers.py
的文件,并带有以下内容:
Unfortunately I wasn't aware that in recent Plone's versions, there's a new index in the portal_catalog (allowedRolesAndUsers) that prevents the process above to work as it used to. The process above is still correct, though you'll need to override the default indexer.
First create a new package with paster using the "plone" template. Then add in the main level of the package (e.g. my.package/my/package) a file called indexers.py
with this:
from zope.interface import Interface
from plone.indexer.decorator import indexer
from AccessControl.PermissionRole import rolesForPermissionOn
from Products.CMFCore.utils import getToolByName
from Products.CMFCore.CatalogTool import _mergedLocalRoles
@indexer(Interface)
def allowedRolesAndUsers(obj):
"""Return a list of roles and users with View permission.
Used by PortalCatalog to filter out items you're not allowed to see.
"""
allowed = {}
for r in rolesForPermissionOn('Access contents information', obj):
allowed[r] = 1
# shortcut roles and only index the most basic system role if the object
# is viewable by either of those
if 'Anonymous' in allowed:
return ['Anonymous']
elif 'Authenticated' in allowed:
return ['Authenticated']
localroles = {}
try:
acl_users = getToolByName(obj, 'acl_users', None)
if acl_users is not None:
localroles = acl_users._getAllLocalRoles(obj)
except AttributeError:
localroles = _mergedLocalRoles(obj)
for user, roles in localroles.items():
for role in roles:
if role in allowed:
allowed['user:' + user] = 1
if 'Owner' in allowed:
del allowed['Owner']
return list(allowed.keys())
,然后在同一级别添加具有以下内容的文件overrides.zcml
:
and then in the same level add a file overrides.zcml
with this:
<configure xmlns="http://namespaces.zope.org/zope">
<adapter factory=".indexers.allowedRolesAndUsers" name="allowedRolesAndUsers" />
</configure>
最后,您的产品树应如下所示:
In the end the tree of your product should look like this:
my.package/
├── my
│ ├── __init__.py
│ └── package
│ ├── configure.zcml
│ ├── overrides.zcml
│ ├── indexers.py
│ ├── __init__.py
│ ├── profiles
│ │ └── default
│ │ └── metadata.xml
│ └── tests.py
├── README.txt
├── setup.cfg
└── setup.py
最后,您需要在buildout.cfg中包括新创建的鸡蛋:
Last thing, you need to include the newly created egg in your buildout.cfg:
eggs =
my.package
develop =
src/my.package
重新运行扩展.就是这样.
Rerun buildout. That's all.
这篇关于Plone 4:限制发布的内容的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!