Hide the Not-Logged-In and Join links

**NOTE**: If you're using Plone 3 or later, the easiest way to turn off self-registration is to use the checkbox "Enable self-registration" in the Security control panel. It's off by default from Plone 3 onwards.

----------

Assume that you or your team does all the content work on your plone site, and you never want visiting public to become involved in adding or editing the content. In that case, perhaps you'd rather that the visiting public didn't see the message "You are not logged in", and you'd rather they didn't see the link enabling them to join and fiddle with your site.

It's easy to remove the message and the link.

Removing Actions
----------------

First, we'll want to disable the "join" and "login" actions. Once the actions are disabled, they won't appear on the forms any longer.

In the ZMI, go to `portal_registration`, under the `Actions` tab. De-select the "visible" field for the "join" action.

Also, in `portal_membership`, under the `Actions` tab, de-select "visible" for "login".

If you don't see the `Actions` tab under `portal_registration`, go instead to `portal_actions`. In `portal_actions` select `user`. Under `user`, you will see the `login` and `join` actions. Click through to these actions and de-select "visible". NOTE: There is also a `login` action under `site_actions`. Hiding this action will NOT hide the login link in the personal bar.

Now, users won't see either the "login" or "join" messages.


Removing the Reminder
---------------------

They will still see the "You are not logged in..." text.

Your first step is to locate the offending code. So in the ZMI (Zope Management Interface), searching via the 'find' tab, on the words "logged in" you will find::

/sitename/portal_skins/plone_templates/global_personalbar

Go to this template, then click the 'Customize' button. This makes a copy of the document in the 'custom' folder. You can now tweak that copy without disturbing the original, and your changed document will be used by plone instead of the original document.

Now you'll edit this file.

Down the page, find and comment out the line displaying "you are not logged in".

Comment out or delete just this line::

<li class="portalNotLoggedIn" tal:condition="isAnon" i18n:translate="you_are_not_logged_in">
You are not logged in
</li>

As long as it's a visitor (non-logged-in, therefore an anonymous person), it displays nothing. For anybody else who has logged-in, it displayes the required and usual helpful choices.

If you don't want to edit templates, you can also remove the "You are not logged in" message using CSS. In ploneCustom.css, add this statement::

#portal-personaltools .portalNotLoggedIn {
display: none;
}


But now, how will *you* log in?
-------------------------------

When you or your team mosey over to your site, you'll no longer see the 'log in' link, but that's no problem. Just aim your browser at your site's 'login_form' page, and there you'll be.

For example, if you normally call your plone site at the address::

http://www.example.com

then just aim your browser at::

http://www.example.com/login_form

Hidden from the public, easy for you to reach.

One danger remains

It is still possible that a mean old public person might come along, and maybe they know plone and they recognize your site from the Plone logo or the copyright notice or the pretty tabs. They might have even read this fine miniHOWTO! In a case like that, they could still browse to your login_form page, and there they could 'join', 'log in', and perhaps contribute all sorts of 'colorful matter' to your website. Wouldn't that be a fine kettle of fish?

Therefore, you may wish to also disable the 'join' mechanism. Alexander Limi has written this up and it's found in these 'how to' documents as "How to make the site so Members can't add themselves":http://www.plone.org/documentation/howto/closing-site

When you've thus buttoned up your site, it should be safe from unauthorized 'improvements' by the rascally visiting public!