I see that published posts on the websites for example; a blog post. It is accessible to public users i.e. if a user is not logged in, they will have access to the page if they have the link.
This is a problem for bots and unrestricted users.
Does anyone know how we can prevent the public i.e. someone without a user ID from accessing contents on the website?
You can customize the blog doctype. There you can set a permission role. Default is guest.
Thanks, so this is what I have in the permissions section of the blog post doctype
Public users still have access to the content
Guest = public
And you set guest/read = true^^
If you know how templates work, you can use python.
Create a python code for that view, check if user is guest or not with
frappe.session.user . If it is guest is will return
Guest , otherwise it will return the logged in user.
Based on this you can show the data on view.
@joelios I only added the guest permission based on your previous comment.
I have modified it to this and the public users still have access to it. Any thoughts?
@joelios oops, I sent you the wrong screenshot. The edited screenshot does not have ‘All’ as a role
Hm maybe guest is included in “all”?
Otherwise, if youre not on the hosted version, you can set developer_mode to 1, go to edit doctype and set explicit the website permission. There it is per default as guest.
@joelios I am assuming you are referring to the option circled in the image below?
Those are the only settings I think you may be referring to
thank you. I’ll keep this in mind
Have you uncheck “allow guest to view” but its still public? If yes, it sounds like a bug i think!
Yes, I did that.
Maybe it is.
Thanks for your help though!
Hi, Has this been solved yet? I am on 12.4 and am having the same issue.
on both doc types
“blog post” and “blog category”
if I un-check the
“Has web view” = off
“Allow Guest to View” = off
the post header and initial text, is still shown on the home page but shows an error when clicked on.
“Has web view” = on
“Allow Guest to View” = off
Nothing Changes and everything is still accessible
Any insight into the a legitimate way to get this to work would be great.
Has this issue Solved? Even after un-checking “Allow Guest to View”, still a guest is able to see the blogposts.
Any insight will be helpful
Hmmm… I just recently came across this issue with Web Pages and thought I might have missed something. I really find it hard to believe that this basic and fundamental feature is actually missing!
I hope we can get a quick solution
I have created a Github Issue for this:
04:05PM - 22 Jan 21 UTC
There doesn't seem to be a way to make a Web Page or Blog Post visible to only logged in...
Any resolution found for this?
Would be also interesting to me to have blog posts only visible to logged in users.
could sponsor something here…