Allow anonymous access and right management for anonymous user
A few application requires anonymous access:
Possible course of action:
*create an anomynous user with id 1 - I believe user 0 is already taken for some specific usage?
*on user request if not already logged in - auto login anomymous user if he is active
*create an empty user pattern in code i.e. inherit from user, overwrite all methods to return proper
*if anonymous user is disable - i.e. the site admin do not want anonymous access - return the empty user
Refactor control access to avoid relying on user_id == 0
Updated by Nathalie Blocry over 8 years ago
- % Done changed from 0 to 50
this has been implemented for the most part.
you can make an anonymous user with status 0 (you cannot set this status through the user-interface but must set it directly in the database)
not all applications are ready for an anonymous users though so there is no default anonymous user for the moment.
I have tested anonymous access with
there is a method UserDataManager :: retrieve_anonymous_user() that returns the anonymous user or false when there is none.
when entering the platform without login in you will automatically be logged in as the anonymous user when there is one or not logged in when there is none. the login block will remain visible when you are logged in as the anonymous user so you can still switch to a real user.
what is left to do is check the other optional applications for strange/unwanted behavior