I have the Intranet / Extranet workflow enabled on a Plone 4.2 site, I have removed most of the members permissions (so they can only view).
I created an account and started to add some content but even though I have the "Owner" role permission "Delete portal content" enabled (under mysite.com/manage_access) however my test user is unable to delete anything, which is great... However they cannot delete anything they have created either (I need them to be able to delete content they create).
I have searched on Google but am getting results related more to accomplishing bulk user actions using python scripts.
Basically what I want is that if you created the content, you are able to delete it, if you did not create it you cannot delete it.
Currently I have the second part setup and that's working, but for some reason it seems to be ignoring the "Owner" role, even on content I have created.
I can't find any other permission that I could tick that would indicate ability to delete content you own, can anyone lend any insights? Thanks.
EDIT:
To expand on the problem, it seems if I create a folder and then create content under it, that content is not deleteable, but if I then create a folder, and content within the folder I created, although the folder is not deletable the content within it is.
This was resolved by installing collective.deletepermission and adding the necessary "Delete Objects" permission to the "Owner" role in the ZMI under manage_access
Related
I'm trying to use Sonatype Nexus 3 and content selectors for a Maven 2 repository.
I created a Maven 2 repository called "custom-snapshots" and a content selector with the query
coordinate.groupId =^ "net"
(My original query was more precise, but I'm trying to narrow down the problem. I don't think the problem is the content selector though as when I click preview and run it against custom-snapshots, I do get matches.)
Then I created a privilege called "sea-lion-snapshot-priv" with content selector "
sea-lion-selector", repository "custom-snapshots" and actions "read,edit,browse".
Next I created a role called "sea-lion-role" with "sea-lion-snapshot-priv". Finally, I created a user "sam" with roles "sea-lion-role" and "nx-anonymous". I did not change any of the permissions on nx-anonynmous.
When testing:
If I browse the custom-snapshots repo without being logged in, I see all the artifacts.
If I browse the custom-snapshots repo logged in as Sam, I see all the artifacts.
If I browse the custom-snapshots repo logged in as another user, I see all the artifacts.
I was expecting to see the artifacts as Sam, but not anonymous/the other user.
Any ideas on what I could have set up wrong or techniques to troubleshoot it?
#rseddon's comment was the missing step. In the sprit of documentation, here are the exact settings I used when it was working:
Create a new role "limited-anon" with "nx-repository-view-maven2--*-read" and "nx-search-read"
Under users, go to "Anonymous". Remove the built in role and add "limited-anon"
Create a content selector with search expression "coordinate.groupId =^ "my.package.name"
Create a privilege of type "Repository Content Selector" going against this content selector, the snapshot repository and actions "read,edit,browse"
Create a similar privilege for the releases repo
Create a new role with both of these privileges
Assign both that new role and "limited-anon" to Sam (the user who can see the artifacts)
Assign just "limited-anon" to the other test user
This configuration works for:
anonymous user - can not see this artifact
Sam - can see this artifact
other user - cannot see this artifact
With this setup, it looks like items in the repository without content selectors cannot be seen unless you are an admin. Which is fine for my use case.
How can i set up multi portal website in sulu cms?
Example: I will have one admin panel from that i will manage content of site like
a.com, b.com, c.com...
I try by make copy of file
app/Resources/webspaces/example.com.xml
and make file lilke app/Resources/webspaces/one.com.xml
And in example.com.xml i also add another portal tag in portals but had no luck...
but in admin panel left side i see just one site example.com
How can i do that? Is there any documentation? Any link?
Thanks!
Multiple portals within the same webspace are not visible in the Administration UI, what you want are multiple webspaces. Just create a second XML file as described in our documentation, and make sure you have different URLs setup and both webspaces have a different value in their key tag. Afterwards you have to execute the bin/console sulu:document:init command once more to initialize some nodes.
Maybe also check the logs in var/logs for any errors and warnings, because if you have an error in your webspace configuration file, the new webspace will not show up in the admin UI.
Another thing that could go wrong is that you are missing the permissions to see the new webspace (that usually happens when you create a new webspace after you've executed the command mentioned above). In that case you have to navigate to Settings -> User roles -> Your userrole, and add the missing permissions in the shown matrix.
I've got an installation of Plone 4.2.1 running nicely, but visitors to the site can click on the Users tab in the main menu and go straight to a search of all my registered users. Certainly, anonymous visitors are unable to actually list anyone, but I don't want this functionality at all.
What's the Plone way of:
removing the Users tab from the main menu?
stopping the URL /Members returning anything except 404?
Are there other effects of this functionality I should be aware of?
The Users tab is only shown because there is a Members folder (with the title Users) in the root that is publicly visibile.
You have three options to deal with the default; make the Members folder private, delete it altogether, or remove the index_html default view.
Unpublish
You can 'unpublish', retract, the folder workflow to make it private, and anonymous users are then redirected to the login form instead of seeing the user search form:
Simply go to the folder, click on the workflow state (Published) and choose Retract.
Delete
If you do not need to have per-user folders, you can remove the Members folder altogether. You do need to make sure that user folder creation is not enabled first. Go to the Control Panel (click on your username, top right, select Site Setup):
select Security:
and make sure that Enable User Folders is not checked. If it is, uncheck it and save the settings.
Now just delete the Members folder; click Users, find the Actions menu on the right, then select Delete:
then confirm the deletion in the popup:
Deletion means all users will get a 404 when visiting /Members in your site.
Delete the default view
The Members folder contains a index_html object that provides the user form search. If all you want to get rid of is this view, you can delete it. If your Members folder is still public, visitors can see any userfolders that have been created though.
Deleting this view requires going to the ZMI, the Zope Management Interface, navigating to the Members folder and deleting the index_html object there.
Since this is not really the recommended course of action I'm leaving out the screenshots for this part.
You can just delete the Users folder.
I've enabled 'member folders' in plone administration panel. Then I've created a context menu link in the ZMI (with url: string:${portal/portal_membership/getHomeUrl}) to make these folders easy available.
I've noticed, that .getHomeUrl() always returns None, and link looks like: 127.0.0.1:80/web/None.
Do you have any idea what's wrong?
First of all, you normally enable that option in the Security tab of your Plone control panel:
If you set the option there, it'll also add a 'My Folder' action automatically that uses the .getHomeUrl() method.
.getHomeUrl() only returns a URL if the folder already exists. In your case it appears the folder is not yet created for the current member. The folder is first created when a member logs in but does not have their own folder yet. Logging out then in again should remedy this.
If you accidentally removed the Members folder from your Plone setup, you'll need to recreate it. Per-user folder creation would otherwise fail. If it is missing, simply create a new folder with the id Members in the root of your site.
I am finishing up a Drupal site and I have attached a word document on one of my page nodes. I want anonymous people to be able to download it, but they don't even see the document. I do as a logged in user.
Any Ideas?
You need to give anonymous users permission to view uploaded files.
I'm guessing that you used the upload module.
The permissions page is at /admin/user/permissions and under the group "upload module" you are looking for "view uploaded files".
-Ed
Assuming you only want to enable this one particular file to anonymous users, you can do it without touching permissions, which would affect your whole site.
The simplest way, assuming you have configured downloads as "public" instead of "private" is to just add a link to the document in your page node, like Download myfile.doc