Adding portlet permissions when creating portlet TTW

Creating a portlet TTW is is and works well. However, adding portlet view permissions (based on role/group) is not possible TTW.

Adding view permissions via code appears possible:

would it be feasible/reasonable to add the ability to assign permissions when creating TTW. That is, just have 2 pulldowns (role and group - powered by list from the site) that would assign permissions when initially creating the portlet?

the interface would be very simple; however, I have no idea if the code can connect with existing Plone machinery (such as above link).

(Note: I know there is talk of removing portlets from future versions of plone)

Is this a good approach?

Do you mean you want the portlet to be visible only to users who have a specific permission or role?


As a test, I tried used the existing TTW methods in Plone to accomplish this. I tried this:

First, It works when I added portlets to content type definition. Portlet displays when new instances of the content type are created.

Second, I tested assigning portlets to groups, TTW, this is what I do:

  • created group
  • assigned person(s) to group
  • assigned portlets to a group
  • looked at the main page of site, ensured that the portlets for the "group portlet" has "do not block"
  • log in as user in the group, no portlet shows.

what am I missing?

I've used group portlets before and they worked fine for me. Maybe your issue with the group portlet is specific to the portlet, especially if it's a custom portlet.

For generally making TTW portlets do permission-based stuff I would just wrap the body of the portlet with a tal:condition

You are correct, I messed up somewhere. Tried another test and it works great.

I'll also make a note about the tal condition in case I want to use it for something other than a group.

thanks again.

1 Like

In some old code I noticed that I have a condition for rendering a portlet.

Here is the code (I can't remember 'how' it worked) if it could be of any use to anyone:

Hi @tkimnguyen, Thanks for your input. I've come to agree with your approach. Not only does group portlets work (once I fixed my error) this keeps all the group characteristics (properties, preferences, portlets, and dashboard) in one place (group definition in control panel) .

Although assigning them directly at the portlet level might be initially easier and more intuitive, what you give up is the overview the Groups properties currently give for each group. This helps you manage properties, not just assign them adhoc.

Anyway, my thoughts. I think this is one of Plone's hidden gems. Yeah, it's there, but uses and benefits aren't always apparent.

have a good day

Hi, I've a related question.

i want to allow annon users to view a specific portlet. however, i can't use the above because anonymous is not a group defined in Plone. is there a TTW way to assign porlet permission to anonymous?


there is no portlet view permission. If can view the url (ie the content it points to) then you can view its portlets.