Anonymous PAS plugin (0.1.0)
- Anonymous PAS plugin download link: http://plone.org/products/anonymous-pas-plugin/releases
- Homepage of Anonymous PAS plugin: http://plone.org/products/anonymous-pas-plugin/
- Description source: http://plone.org/products/anonymous-pas-plugin/
This hacked PlonePAS collection of plugins was mostly ripped from other plugins, especially from CookieAuthHelper It gives anonymous users an automatic (random) userid + roles so this plugin can be used for anonymous content submission. The cookie (for the automatic login) is a session cookie, so after the user closes the browser, a new (random) login will be generated the next time.
The benefit of using this plugin is that anonymous users can create content, and after the creation still access their own content (since as long as the session remains open they will be owner of that created content). You can create/customize the workflow to make sure that other anonymous users can't access the newly created content by other anonymous users (set the 'view' persission to owner and reviewer (and not to contributor)).
Since everybody will get an automatic login, the standard 'login' link will dissapear. You can ofcourse still manually go to the login_form and login as a normal user. If necessary, you can ofcourse modify the default action in plone, and also show this link for users with a userid starting with 'anon_'
SECURITY NOTE:
after you installed this product, anyone will automatically get a login to your plone site. So there will be no 'anonymous' users anomore
The standard role for these 'anon' users is set to 'Contributer'! (see CONFIGURATION) on how to change this.
INSTALLATION
Use the QuickInstaller. This will add and activate the plugin in acl_users (PAS) of your plone instance.
CONFIGURATION
There are 2 configurable settings at the moment.
Go to the 'properties' tab of the anon plugin
-
1: cookie name
You can set a different cookie name then the default 'anon_cookie' (but why should you?) -
2: anonymous roles
You can set the roles that you wan each anonymous user to obtain. If you want to, you can give everyone the 'Manager' role, but I don't think this is very wise under normal conditions ;-)