Skip to main content

Protects inactive plone content from unauthorized access.

Project description


ftw.protectinactive protects inactive content from unauthorized access.

Plone provides fields to set publication and expiration dates. If the publication date is in the future or the expiration date is in the past the content is inactive. This inactive state determines if the content should appear on the site or not.

The problem is that this check is only performed on the catalog.

It works for listings and all other instances where catalog queries are used. But it does not protect the content from beeing accessed directly via the url. An unauthorized user is able to access the content whether it is inactive or not. This behaviour is highly unintuitive and is often met with incomprehension.

ftw.protectinactive was created to protect inactive content and provide the expected behaviour. It performs the check for inactive content in a IPubAfterTraversal hook. If the content is inactive and the user has no permission to see it, ftw.protectinactive raises an exception.


  • check if content is inactive
  • supports Dexterity content
  • respects Access inactive portal content and Access future portal content permissions (on site root)
  • configurable exception type


  • Add ftw.protectinactive to your buildout configuration:
eggs +=
  • Install the generic import profile.


The exception raised by ftw.protectinactive can be configured in the plone registry. It will raise an Unauthorized exception by default. This, however, confirms the existence of the content, which is a potential unwanted information disclosure. To avoid this the exception can be changed to a NotFound exception in the registry.

Installation local development-environment

$ git clone
$ cd ftw.protectinactive
$ ln -s development.cfg buildout.cfg
$ python2.7
$ bin/buildout
$ bin/test


Runs with Plone 5.1.


2.0.0 (2019-10-23)

  • Drop Plone 4.2 compatibility. [jone]
  • Add Plone 5.1 support. [tinagerber]
  • Drop archetypes support. [tinagerber]

1.0.2 (2018-01-09)

  • Improve traversal hook in order not block authorized users from viewing content they should be allowed to view. [mbaechtold]
  • Fix failing tests because of recent changes in “ftw.testbrowser”. [mbaechtold]
  • Test against Plone 4.2. [mbaechtold]
  • plone.api 1.4.11 is needed at least: See [mathias.leimgruber]
  • Updated description in [lknoepfel]

1.0.1 (2016-07-25)

  • Specify required plone.api version. [lknoepfel]

1.0.0 (2016-07-20)

  • Initial implementation and first release. [lknoepfel]

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for ftw.protectinactive, version 2.0.0
Filename, size File type Python version Upload date Hashes
Filename, size ftw.protectinactive-2.0.0.tar.gz (9.2 kB) File type Source Python version None Upload date Hashes View hashes

Supported by

Elastic Elastic Search Pingdom Pingdom Monitoring Google Google BigQuery Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page