Re: Problems with Remember
from
Ben Mason
on Jan 29, 2007 07:22 AM
That's all good and well, but it means that Anonymous users have view
rights to my private member objects?!
James Page wrote:
> I had the same problem. If you look at the bug lists at
> http://plone.org/products/remember/issues/26 you will find a solution
> that works from Ken Wasetis
>
> The solution
>
> "The member_auto_workflow is defined such that the Anonymous role gets
> many permissions in the 'new' state (so that a not-yet-logged-in user
> may Modify portal content, Set own password, Set own properties, etc.)
> and the Anonymous role was not intended to have these permissions in the
> private state.
>
> If you want an Anonymous user to have these permissions in the private
> state, then I would think this is your own custom workflow need, and you
> will need to edit the workflow permissions tab of the 'private' state of
> the member_auto_workflow so as to allow the Anonymous role to have the
> same permissions you see it has for the 'new' state.
>
> If you modify the workflow/permissions to your custom needs, be sure to
> click the 'Update security settings' button on the portal_workflow main
> page (workflow tab.)
>
> I've modified the private state so that Anonymous has the same
> permissions as it has in the new state, set the private state as the
> initial state, and I'm able to register and to immediately login
> afterward. "
>
>
>
> On 1/29/07, *Ben Mason* <ben@...
> <mailto:ben@...>> wrote:
>
> I have added a membrane/remember setup to a new Plone 2.5.2 instance.
>
> I would like to make it so that the member profiles are private, so I
> changed the auto_register to end in the private state. Now users cannot
> register with the site as they are thrown to the login form once they
> complete their information.
>
> The default method works, but that's no good as I don't want my member
> profiles to be public.
>
> Does anyone have an idea of how to solve this?
>
> Thanks
>
> Ben
>
>
> --
> To unsubscribe send an email with subject unsubscribe to
> remember@...
> <mailto:remember@...> .
> Please contact robm@...
> <mailto:robm@...> for questions.
>
>
