Allow Anonymous users to search for plone Members

Question

I'm trying to allow Anonymous users to search for plone Members. I got it to work setting the Anonymous role to have "Manage Users" permission, which is not appropriate, of course. Is there a more specific permission for this? "List portal members" didn't work. I need to allow anonymous search because our intranet users generally don't authenticate. Our plone members come from LDAP with custom fields (telephone, location, register). This was done with plone.app.ldap. I'm using Plone-4.0 and PlonePAS-4.0.1-py2.6

This is what triggers some exception and open the login_form for the anonymous users

member_search_results.pt

<metal:main fill-slot="main"
       tal:define="search_view here/@@pas_search;
                   listing_allowed python: checkPermission('List portal members', here);    
                   results python:listing_allowed and search_view.searchUsersByRequest(request, sort_by='fullname') or [];

If I set the listing_allowed to False, the template is rendered normally, informing the user that it couldn't do the search, because it has no permission. But if the listing_allowed is True, it goes to searchUsersByRequest returning the login_form.

Already look at the PlonePAS configure.zcml to see the permissions, but there's nothing wrong there too. Tried to change the permission to zope2.Public and zope.Public, but no success

<browser:page
      for="*"
      name="pas_search"
      class=".search.PASSearchView"
      permission="zope2.View"
      allowed_interface="Products.PlonePAS.interfaces.browser.IPASSearchView"/>

Any help is appreciated. Thanks!

Answer 1

You will probably be better off using https://pypi.python.org/pypi/Products.remember/1.9.2 as it gives all members content objects that should be searchable.

Otherwise, you might have to implement your own view that does the search and bypasses security considerations on poking around about users.