Metadata-Version: 2.4
Name: iw.rejectanonymous
Version: 1.2.8
Summary: Disallow access to a Plone site and its children if user is anonymous
Home-page: https://svn.plone.org/svn/collective/iw.rejectanonymous
Author: Ingeniweb
Author-email: support@ingeniweb.com
License: GPL
Keywords: plone extranet
Classifier: Framework :: Plone
Classifier: Framework :: Plone :: 3.2
Classifier: Framework :: Plone :: 3.3
Classifier: Framework :: Plone :: 4.0
Classifier: Framework :: Plone :: 4.1
Classifier: Framework :: Plone :: 5.0
Classifier: Framework :: Plone :: 5.1
Classifier: Framework :: Plone :: 5.2
Classifier: Framework :: Zope2
Classifier: Programming Language :: Python
Classifier: Topic :: Software Development :: Libraries :: Python Modules
Requires-Dist: setuptools
Provides-Extra: test
Requires-Dist: Products.PloneTestCase; extra == "test"
Dynamic: author
Dynamic: author-email
Dynamic: classifier
Dynamic: description
Dynamic: home-page
Dynamic: keywords
Dynamic: license
Dynamic: provides-extra
Dynamic: requires-dist
Dynamic: summary

==================
iw.rejectanonymous
==================


What is iw.rejectanonymous ?
============================

This package is made to reject unconditionnally anonymous users from a Plone
site, without any change in your security policy matrix or workflows. They
should get redirected by plone to login form. The basic use case is an extranet,
where all visitors must be authenticated.

Works with
==========

Plone 3, 4, 5

Installation
============

Add ``iw.rejectanonymous`` to the ``eggs`` option of your
``plone.recipe.zope2instance`` part ::

  ...
  [instance]
  recipe = plone.recipe.zope2instance
  ...
  eggs =
      ...
      iw.rejectanonymous
      ...
  ...
  # The ZCML slug is no more required with Plone 3.3 and up
  zcml =
      ...
      iw.rejectanonymous
      ...

Re-run buildout, then open the "Security" control panel of any Plone site of
your instance. A new **Private site** checkbox lets you (de)activate
``iw.rejectanonymous``.

Customization
=============

``iw.rejectanonymous`` enables the publication of some resources to the
anonymous user, more specifically to enable all media and resources required
from the standard loging page and the password reset page.

Adding valid ids
----------------

If your customized logging page requires some specific images or your site
policy component provides a signup page which name is not ``login_form`` you may
add additional ids (url last part) that are available to anonymous users.

::

  from iw.rejectanonymous import addValidIds
  ...
  addValidIds('some_image.png', 'my_login_form')


Adding valid subparts
---------------------

If you want to let anonymous users browse the pages of some folders, you need to
add valid subparts.

::

  from iw.rejectanonymous import addValidSubparts
  ...
  addValidSubparts('disclaimer', 'public_section')

Adding valid subparts prefixes
------------------------------

If you want to let anonymous users browse the pages of some folders with
specific prefixes, you need to add valid subpart prefixes.

::

  from iw.rejectanonymous import addValidSubpartPrefixes
  ...
  addValidSubpartPrefixes('public_')

Hiding viewlets
---------------

You may hide viewlets from the views of the site (login form, password reset
form). You need for this to add such lines in your site policy ZCML.

::

  <browser:viewlet
    name="original.viewlet.name"
    for="iw.rejectanonymous.IPrivateSite"
    manager="original.viewlet.manager.Interface"
    class="original.viewlet.Class"
    permission="cmf.SetOwnProperties"
  />

``name``
  Keep the original viewlet name.

``for``
  ``iw.rejectanonymous.IPrivateSite`` the marker interface set to private sites

``manager``
  Keep the original manager

``class``
  Keep the original viewlet class

``permission``
  Choose a permission that is not granted to an anonymous user but to anyone
  else. ``cmf.SetOwnProperties`` is a good choice if your site has the standard
  security policy.

See how we hide the ``plone.personal_bar`` and the ``plone.searchbox`` in the
``configure.zcml`` of this component.

Links
=====

Cheeseshop
  http://pypi.python.org/pypi/iw.rejectanonymous

Git repository
  https://github.com/collective/iw.rejectanonymous

Issue tracker
  https://github.com/collective/iw.rejectanonymous/issues

Old SVN repository (up to 1.0.2)
  https://svn.plone.org/svn/collective/iw.rejectanonymous

Contributors
============

* Bertrand Mathieu
* Thomas Desvenain
* Gilles Lenfant
* Elisabeth Leddy

Changes log
===========

1.2.8 (2026-04-17)
------------------

- Add login views to valid_ids


1.2.7 (2023-05-08)
------------------

- Add ++webresource++ and ++plone++ to valid_subpart_prefixes (Plone 6)
  [mamico]

1.2.6 (2022-05-11)
------------------

- Add @@ok to valid_ids
  [ale-rt]

- Add custom.css to valid_ids (needed since Plone 5.2.2)
  [ale-rt]

- Add ++unique++ to valid_subpart_prefixes (needed since Plone 5)
  [ale-rt]

- Remove pdb
  [mpeeters]


1.2.5 (2019-10-18)
------------------

- Add less-variables.js to valid ids for Plone 5.2 compliance.
  Update classifiers [thomasdesvenain]


1.2.4 (2019-05-21)
------------------

- If plone.restapi is available, add auth related endpoints to valid ids.
  [thomasdesvenain]

- Compliancy with plone.rest: allow anonymous OPTIONS requests
  [ebrehault]


1.2.3 (2014-04-30)
------------------

- Modified coding style of getPortalLogoId function.
  [vincentfretin]

- Make iw.rejectanonymous work in tests
  [jaroel]


1.2.2 (2012-08-21)
------------------

- 4.2.1 Compatibility.
  [thomasdesvenain]


1.2.1 (2012-08-16)
------------------

- Include cmf permissions zcml.
  [thomasdesvenain]


1.2 (2012/5/16)
---------------

- ZCML duplicate viewlet setting
  [eleddy]

- Typos in README.rst
  [glenfant]

- Version in setup.py was a float
  [glenfant]


1.1 (2012/5/12)
---------------

- Added doc for customization
  [glenfant]

- Re enabled tests
  [glenfant]

- Disabled some viewlets to anonymous and added doc for customization.
  See https://github.com/collective/iw.rejectanonymous/issues/1
  [glenfant]

- Added valid subpart prefixes such iw.rejectanonymous does not conflict with
  plone.app.theming (Diazo)
  [glenfant]

- Enable portal_kss subparts.
  [thomasdesvenain]

- In plone 4, use of base_properties is sketchy and likely incompat.
  Catch error if needed and use better default for logo.
  [eleddy]


1.0.2 (2010-12-27)
------------------

- z3c.autoinclude awareness added so the ZCML slug does not need to be
  explicitely added in buildout ``*.cfg``.
  [glenfant]

- Add customization utilities and doc (add new enabled ids and subpaths)
  [glenfant]

- Enable favicon.
  [thomasdesvenain]


1.0.1 - 2010-10-08
------------------

- Enable password reset system.
  [thomasdesvenain]


1.0.0 - 2008-02-11
------------------

- Initial release
  [bmathieu]
