|
1 | 1 | --- |
2 | 2 | myst: |
3 | 3 | html_meta: |
4 | | - "description": "Create an emergency user" |
5 | | - "property=og:description": "Create an emergency user" |
6 | | - "property=og:title": "Create an emergency user" |
7 | | - "keywords": "Plone, users, groups, emergency user, pip, buildout" |
| 4 | + "description": "How to create an emergency user in an existing Zope instance" |
| 5 | + "property=og:description": "How to create an emergency user in an existing Zope instance" |
| 6 | + "property=og:title": "How to create an emergency user" |
| 7 | + "keywords": "Plone, Zope, users, emergency user, administration, pip, buildout" |
8 | 8 | --- |
9 | 9 |
|
10 | 10 | (user-groups-emergency-user-label)= |
11 | 11 |
|
12 | | -# Emergency user |
| 12 | +# Zope Manager Users |
13 | 13 |
|
14 | | -An emergency user is one that you can use to regain administrative access to a Plone site. |
15 | | -If you lose the administrator password, or you inherit a project without proper documentation, you can create an emergency user. |
| 14 | +Zope manager users have full access to the whole Zope instance. |
16 | 15 |
|
17 | | -First of all, do the following steps not in a production environment! |
| 16 | +Some installation methods automatically create a zope admin user for you already. |
18 | 17 |
|
| 18 | +The credentials for this user are usually: |
| 19 | + |
| 20 | +- username: `admin` |
| 21 | +- password: `admin` |
| 22 | + |
| 23 | +There are multiple reasons why you might need to add a new Zope manager user, such as: |
| 24 | + |
| 25 | +- Your installation method did not create one. |
| 26 | +- You lost access to your instance. |
| 27 | +- You inherited a project without proper documentation. |
| 28 | + |
| 29 | +If you need to regain access to your instance, this user is also refered to as an emergency user. |
| 30 | + |
| 31 | +This guide explains how to add a Zope manager user to an existing Zope instance. |
| 32 | + |
| 33 | +```{note} |
| 34 | +The emergency user is a superuser with full access to the Zope instance. |
| 35 | +It is not limited to a specific Plone site. |
| 36 | +Please be aware of the security implications. |
| 37 | +``` |
19 | 38 |
|
20 | 39 | (user-groups-create-an-emergency-user-label)= |
21 | 40 |
|
22 | | -## Create an emergency user |
| 41 | +## Adding a New Zope Manager User |
23 | 42 |
|
24 | | -There are two procedures to create an emergency user, depending on how you created and manage the Plone site. |
25 | | -For both scenarios, the commands you run will stop the Plone site, add a new user, and start the Plone site. |
| 43 | +There are multiple ways to create a Zope manager user, depending on how you created and managed your Zope instance. |
26 | 44 |
|
27 | 45 | ```{important} |
28 | | -You should always stop your Plone site before adding a new user. |
| 46 | +If you are running a standalone instance, it must be stopped before adding the user. |
29 | 47 | ``` |
30 | 48 |
|
31 | | -```{important} |
32 | | -The new username must not be an existing one. |
33 | | -Therefore you should avoid the username `admin`, but use another arbitrary name, such as `admin2`. |
| 49 | +### Using the `adduser` instance command |
| 50 | + |
| 51 | +If your site was installed with `buildout`, you can add a Zope manager user via an instance script. |
| 52 | + |
| 53 | +Run the following command in the terminal: |
| 54 | + |
| 55 | +```bash |
| 56 | +$ bin/instance adduser username password |
| 57 | +Created user: username |
34 | 58 | ``` |
35 | 59 |
|
| 60 | +The name of the instance script might vary based on your installation. |
| 61 | +Replace `username` and `password` with the desired values. |
36 | 62 |
|
37 | | -(user-groups-emergency-user-pip-installation-label)= |
| 63 | +If the user already exists: |
38 | 64 |
|
39 | | -### pip based Plone instance |
| 65 | +- No user will be created |
| 66 | +- The password will not be changed |
40 | 67 |
|
41 | | -You can run the following shell commands to create an emergency user. |
| 68 | +The command will return a message like this: |
42 | 69 |
|
43 | | -```shell |
44 | | -./venv/bin/instance stop |
45 | | -./venv/bin/addzopeuser -c instance/etc/zope.conf <user> <password> |
46 | | -./venv/bin/instance start |
| 70 | +```bash |
| 71 | +$ bin/instance adduser foo baz |
| 72 | +Created user: None |
47 | 73 | ``` |
48 | 74 |
|
49 | | -Now you can login with the created user. |
| 75 | +### Using the `addzopeuser` command |
50 | 76 |
|
| 77 | +For `pip` based installations, you will have a script called `addzopeuser` in the `bin` directory of your virtual environment. |
51 | 78 |
|
52 | | -(user-groups-emergency-user-buildout-installation-label)= |
| 79 | +The `addzopeuser` script might also be available in `buildout` based installations. |
53 | 80 |
|
54 | | -### Buildout based Plone instance |
| 81 | +Run in the terminal: |
55 | 82 |
|
56 | | -With buildout and `plone.recipe.zope2instance`, you can run the following shell commands to create an emergency user. |
57 | | - |
58 | | -```shell |
59 | | -bin/instance stop |
60 | | -bin/instance adduser <user> <password> |
61 | | -bin/instance start |
| 83 | +```bash |
| 84 | +$ .venv/bin/addzopeuser -c path/to/etc/zope.conf username password |
| 85 | +User username created. |
62 | 86 | ``` |
63 | 87 |
|
64 | | -Now you can login with the created user. |
| 88 | +The `addzopeuser` script and `zope.conf` locations might vary based on your installations. |
| 89 | +Replace `username` and `password` with the desired values. |
| 90 | + |
| 91 | +If the user already exists: |
| 92 | + |
| 93 | +- No user will be created |
| 94 | +- The password will not be changed |
| 95 | + |
| 96 | +The command will return a message like this: |
| 97 | + |
| 98 | +```bash |
| 99 | +$ .venv/bin/addzopeuser -c tmp/zeoclient/etc/zope.conf foo baz |
| 100 | +Got no result back. User creation may have failed. |
| 101 | +Maybe the user already exists and nothing is done then. |
| 102 | +Or the implementation does not give info when it succeeds. |
| 103 | +``` |
0 commit comments