Visibility of user-created content

Hi everyone,

I'm looking to make content generated within a shared folder visible only to its creator and the site administrator. My general idea was that the content, if state was set to private, would only be visible to its creator. A custom template only renders the items created by the user viewing the folder - although it is currently possible to navigate to the content through the URL. Example:

PloneSite/Shared-Folder/my-content

If my-content was created by user1, it can still be accessed by user2 if they simply navigate to the URL. I probably misunderstand how the correlation between ownership and view permission works, but I have not been able to find any documentation explaining this (granted, I may be searching in the wrong place).

My question is:

  • Is this functionality achievable?
    • And if so, what documentation would cover the steps involved?

Kind regards, Tony

This primary permission based protection affects your view. If your view is implemented in Python rather than by a template, then there are no automatic permission checks related to the viewed object. In a template, permission checks are active - but most attributes of a content object are protected by the so-called object permission (which usually is Access contents information and this is typically granted to Anonymous). Only if the template accesses an attribute protected by the `View` permission, a user without this permission will not be able to view the object.

If a content object is viewed via a view based on main_template, then viewlets are active. This allows you to add a viewlet that checks access based on the View permission of the viewed content object (this can also be used to check other things, e.g. that the content view falls into the publishing period of the object). Views not based on main_template usually directly require the View (or stricter) permission.

Thank you for responding Dieter! 🙂

My view is currently implemented through Python with its own custom template. Similar to this:

<browser:page
    name="custom_view"
    for="*"
    layer="zope.interface.Interface"
    class=".views.MyCustomView"
    template="templates/customview.pt"
    permission="zope2.View"
    />

With an associated Python class handling some logic.

Will I need to look at implementing permission checks in that Python class (similar to what is displayed in this documentation)?

Kind regards, Tony

Check the default permission mapping for state private for the Plone default workflow:

I would recommend using a customized workflow with adjusted roles for the private state, e.g. grant `View` only to `Owner` and `Site Administrator`.

That you have protected your view with the permission zope2.View should be sufficient to prevent users from using it without the View permission. The View permission would first be checked on the view itself (and there it should not be immediately available) and then the checks would ascend the acquisition/__parent__ chain until either the View is granted or further inheritance is disabled. Usually, these checks would stop at the content object.

Are you sure that your content objects do not grant the View permission to unprivileged users or inherit it? Formerly, the ZMI had a tab Security to verify (and manage) things like this. This was hidden in more recent versions (because it is easy to get astonishing results by changing the permission to role mapping manually). However, you can still access its functionality by appending /manage_access to the content object URL.

Thank you for replying Andreas, will look into this option! 🙂

That was my thought process when implementing it in this way (according to how I have interpreted the documentation) - but you may definitely be onto something in regards to this:

I will definitely look into the /manage_access functionality - I had no idea that it could be accessed this way (still new to Plone 🙂). Thank you for your response again Dieter!

EDIT: The generated content was indeed inheriting the permission from its parent - as found when accessing the @@sharing tab on that content item. I then handled this setting using `my_content.__ac_local_roles_block__ = True` upon creation of new content - as presented in this post on Stack Overflow.

Thanks again for your help, both Dieter and Andreas.

Kind regards, Tony.
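
Added example (not part of the thread and not Plone's own code): a simplified Python model of why user2 could open user1's private item, and how either fix discussed above (blocking local-role inheritance, or a private state that grants View only to Owner and Site Administrator) closes it. The `Node` class, the role assignments on Shared-Folder and the default private-state View mapping are assumptions made for the illustration.

```python
# Simplified model of local-role acquisition; not Plone's own implementation.
class Node:
    """Constructed stand-in for a content object in the containment chain."""
    def __init__(self, name, parent=None, local_roles=None, block=False):
        self.name, self.parent = name, parent
        self.local_roles = local_roles or {}  # user id -> set of role names
        self.block = block                    # models __ac_local_roles_block__

def roles_in_context(user, obj, global_roles=()):
    """Merge roles up the parent chain, stopping after a blocking object."""
    roles = set(global_roles)                 # global roles are never blocked
    while obj is not None:
        roles |= obj.local_roles.get(user, set())
        if obj.block:                         # own roles count, parents' do not
            break
        obj = obj.parent
    return roles

def can_view(user, obj, view_roles, global_roles=()):
    """True if any role the user holds here is mapped to View."""
    return bool(roles_in_context(user, obj, global_roles) & view_roles)

# Assumed View mapping of the default workflow's private state.
DEFAULT_PRIVATE_VIEW = {"Owner", "Reader", "Editor", "Contributor",
                        "Manager", "Site Administrator"}
# Mapping recommended in the thread: View only for Owner and Site Administrator.
CUSTOM_PRIVATE_VIEW = {"Owner", "Site Administrator"}

def audit(view_roles, block):
    """Who can view my-content? Folder role assignments are constructed."""
    site = Node("PloneSite")
    folder = Node("Shared-Folder", site,
                  {"user1": {"Contributor"}, "user2": {"Contributor"}})
    item = Node("my-content", folder, {"user1": {"Owner"}}, block=block)
    return {
        "user1": can_view("user1", item, view_roles),
        "user2": can_view("user2", item, view_roles),
        "admin": can_view("admin", item, view_roles, ("Site Administrator",)),
    }

if __name__ == "__main__":
    print("default, inherited:", audit(DEFAULT_PRIVATE_VIEW, block=False))
    print("default, blocked:  ", audit(DEFAULT_PRIVATE_VIEW, block=True))
    print("custom, inherited: ", audit(CUSTOM_PRIVATE_VIEW, block=False))
```

On a real site, catalog listings and searches filter on indexed security data, so after changing the flag on an existing object call `reindexObjectSecurity()` on it and confirm the result under /manage_access.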