Skip to content. | Skip to navigation

Personal tools
Log in
You are here: Home

Latest Plone Posts

February Newsletter

From Planet Plone. Published on Mar 02, 2015.

Welcome to the Plone Newsletter where on or about the beginning of each month we send you the previous month’s news and upcoming events from around the world.

Don't sudo pip install

By Alex Clark from Planet Plone. Published on Feb 28, 2015.

How many times have you seen this?

Continuous Integration for Plone

By Timo Stollenwerk from Planet Plone. Published on Feb 28, 2015.

How we set up a new distributed CI infrastructure for Plone with Jenkins, Ansible, Jenkins Job Builder, and mr.roboto.

How to install Kotti CMS on Windows

By davide moro ( from Planet Plone. Published on Feb 27, 2015.

Yes, as expected, you can install Kotti CMS also on Windows if you have this constraint!

What is Kotti

From the official doc:

"""A high-level, Pythonic web application framework based on Pyramid and SQLAlchemy. It includes an extensible Content Management System called the Kotti CMS.

Kotti is most useful when you are developing applications that:
  • have complex security requirements
  • use workflows, and/or
  • work with hierarchical data

It is developer friendly and with a good user interface. You can easily extend it, develop new features or install one of the available third party modules (search for Kotti on if you want to browse existing modules ready to be used). Heavily inspired by Plone (
If you want to evaluate Kotti you can install it locally (no database installation is required, you can use SQLlite during evaluation or development).
Otherwise if you are particular lazy there is a working demo online with admin / qwerty administrator credentials: 


  • python (tested with python 2.7.9 but it should work also on newer versions)
  • Microsoft Visual C++ 9.0 available on the following url (needed for an issue with bcrypt)
  • virtualenv (suggested)

Installation steps

Once you have installed python from you can start installing Kotti. I assume in this article that your Python installation path is C:\Python27.
Now create a new folder (it doesn't matter the name, in this article my folder name is just kotti):
> mkdir kotti
> cd kotti
Install virtualenv and create a new isolated python environment in your kotti dir:
> C:\Python27\Scripts\pip.exe install virtualenv> C:\Python27\Scripts\virtualenv.exe --no-site-packages .
Install Kotti and its requirements:
> Scripts\pip.exe install -r
> Scripts\pip.exe install Kotti

Put inside your kotti dir the app.ini file downloaded from:
Runs Kotti:
Scripts\pserve.exe app.ini
Starting server in PID 2452
serving on

Update 20150219: if you want to install Kotti as a standard Windows service see this tutorial:

Troubleshooting (tested on Windows Vista)

If Microsoft Visual C++ Compiler for Python 2.7 is not installed on your environment you'll get an error during the requirements installation phase (only on Windows):
> Scripts\pip.exe install -r
  Running install for py-bcrypt
    building 'bcrypt._bcrypt' extension
    error: Microsoft Visual C++ 9.0 is required (Unable to find vcvarsall.bat).
Get it from
    Complete output from command C:\Users\dmoro\kotti\Scripts\python.exe -c "imp
ort setuptools, tokenize;__file__='c:\\users\\dmoro\\appdata\\local\\temp\\pip-b
uild-mact2r\\py-bcrypt\\';exec(compile(getattr(tokenize, 'open', open)(_
_file__).read().replace('\r\n', '\n'), __file__, 'exec'))" install --record c:\u
sers\dmoro\appdata\local\temp\pip-wcmy6c-record\install-record.txt --single-vers
ion-externally-managed --compile --install-headers C:\Users\dmoro\kotti\include\
    running install

    running build

    running build_py

    creating build

    creating build\

    creating build\\bcrypt

    copying bcrypt\ -> build\\bcrypt

    running build_ext

    building 'bcrypt._bcrypt' extension

    error: Microsoft Visual C++ 9.0 is required (Unable to find vcvarsall.bat).
Get it from
You just need to install this requirement and all will work fine.

Troubleshooting 2 (tested on Windows 2008 R2 Server - updated 20150219)

You might experience other compilation errors on Windows due to different compiler versions, role management tool configuration, missing DLLs, environment variables (vcvars32.bat), missing header files, etc. The same C code that compiles fine on a Windows machine, on a different version of Windows could produce a compilation error (compiling under Windows is a pain).

Anyway the following links helped me a lot a install py-bcrypt under Windows 2008 R2 Server with Visual Studio 2008 Express (free version downloadable from



Kotti's front page (from the public demo online):

Kotti's folder contents (from the public demo online), requires authentication:

All posts about Kotti

Kotti - avoid types addable in content root

By davide moro ( from Planet Plone. Published on Feb 27, 2015.

With Kotti CMS ( you don't have to fight against the framework: after one or two days you'll love it and you will be productive.

You can add new content types mapped on database tables, extend existing ones, add one or more object actions, easy building of add and edit views without having to touch any html file.

Kotti is shipped with the pytest framework and I love it! The tests setup is very easy and you can mock or initialize your reusable fixtures with a dependency injection technique.

If your customer wants to use Windows, no problem:

How to prevent your content types to be added in content root

This blog post will explain how to prevent your content type to be added in the content root but only in Document types (they behave like folderish items too). What's the matter? The root itself is a Document.

My solution was similar to the following one, but a bit different:


from kotti.resources import TypeInfo
from kotti.resources import get_root
from kotti.resources import Content

class YourContentTypeInfo(TypeInfo):

    def addable(self, context, request):
        root = get_root()
        if context == root:
            return False
        return super(YourContentTypeInfo, self).addable(context, request)

yourcontent_type_info_data = Content.type_info.copy(
yourcontent_type_info = YourContentTypeInfo(**course_type_info_data)

class YourContent(Content):
    """ A yourcontent type. """


    id = Column(Integer, ForeignKey(''), primary_key=True)

    type_info = yourcontent_type_info
I tried to inherit all the default options and actions from the default Content's type info. This way you'll inherit all the backend menu actions.



After using Kotti for a while I can tell that the feedback is absolutely positive. It is the right choice when you don't need a much more complex system like Plone. So join the Python, Pyramid and Kotti community and say love to Kotti!

All posts about Kotti

Kotti CMS - how to create a new content type with an image

By davide moro ( from Planet Plone. Published on Feb 27, 2015.

If you want to create a new content type based on an existing one with Kotti you need to write few lines of code and zero html for the add and edit views: it is very simple (browse Kotti's and views code).

Basically you have to extend the existing content type shipped with Kotti and add your custom fields.

But let's suppose you need a new content type named ImageWithLink with the following fields:
  • title
  • description
  • image
  • link
In this case the implementation is more verbose compared to extend another content type (like the Document, but it is still an easy job).
from zope.interface import implements
from kotti.resources import Image
from kotti.interfaces import IImage
from sqlalchemy import Column
from sqlalchemy import ForeignKey
from sqlalchemy import Integer
from sqlalchemy import Unicode

class ImageWithLink(Image):

    id = Column(Integer, ForeignKey(''), primary_key=True)
    link = Column(Unicode(1000))

    type_info = Image.type_info.copy(

    def __init__(self, link=u"", **kwargs):
        super(ImageWithLink, self).__init__(**kwargs) = link 
The code is quite self-explaining: you create a new ImageWithLink class that inherits from Image. You only need to add your custom field named link and you initialize the link in the __init__ code after calling the super method.

import colander
from deform import FileData
from deform.widget import FileUploadWidget
from kotti.views.edit import ContentSchema
from kotti.views.edit.content import ImageEditForm
from kotti.views.edit.content import ImageAddForm
from kotti.views.form import validate_file_size_limit
from kotti.views.form import FileUploadTempStore
from kotti.views.form import AddFormView
from pyramid.view import view_config
from kotti_yourplugin import _
from kotti_yourplugin.resources import ImageWithLink
from kotti_yourplugin.validators import link_validator

def ImageWithLinkSchema(tmpstore):
    """ File schema with no set title missing binding """
    class ImageWithLinkSchema(ContentSchema):
        file = colander.SchemaNode(
        link = colander.SchemaNode(

    def after_bind(node, kw):
        del node['tags']

    return ImageWithLinkSchema(after_bind=after_bind)

@view_config(name='edit', permission='edit',
class ImageWithLinkEditForm(ImageEditForm):
    def schema_factory(self):
        tmpstore = FileUploadTempStore(self.request)
        return ImageWithLinkSchema(tmpstore)

@view_config(name=ImageWithLink.type_info.add_view, permission='add',
class ImageWithLinkAddForm(ImageAddForm):
    item_type = _(u"Banner Box")
    item_class = ImageWithLink

    def schema_factory(self):
        tmpstore = FileUploadTempStore(self.request)
        return ImageWithLinkSchema(tmpstore)

    def save_success(self, appstruct):
        # override this method (no filename as title
        # like images)
        return AddFormView.save_success(self, appstruct)

    def add(self, **appstruct):
        # override (no tags in our form)
        buf = appstruct['file']['fp'].read()
        filename = appstruct['file']['filename']
        return self.item_class(
            title=appstruct['title'] or filename,
Here the code is more complex. There is a dynamic schema definition with the Kotti's temp store implementation. Both the add and the edit form refer to this schema, with some overrides because our object does not behave like files or images.
UPDATE 20150211: no need to write this validator. Use the url validator provided by colander instead (colander.url). Anyway you can use all the builtin colander validators or write your own validators.

import re
import colander
from kotti_yourplugin import _

URL_REGEXP = r'(%s)s?://[^\s\r\n]+' % '|'.join(VALID_PROTOCOLS)

def link_validator(node, value):
    """ Raise a colander.Invalid exception if the provided url
        is not valid
    def raise_invalid_url(node, value):
        raise colander.Invalid(
            node, _(u"You must provide a valid url."))
    if value:
        if not re.match(URL_REGEXP, value):
            raise_invalid_url(node, value)
Here you can see an example of link validator based on a regular expression. This validator decorates our link field of the ImageWithLink schema.

Obviously you need to add in your kotti_configure method your ImageWithLink in the kotti.available_types settings.
def kotti_configure(settings):
    settings['pyramid.includes'] += ' kotti_yourplugin'
    settings['kotti.available_types'] += ' kotti_yourplugin.resources.ImageWithLink'

and enable your configurator in your .ini file:
kotti.configurators =     mip_course.kotti_configure

And what about the default view of your content types? If you visit an ImageWithLink box it will behave like an image: it inherits the default view of the image (you should customize it adding the link on the image, very simple: not showed in this blog post), no need to deal with the image resize machinery, etc.

As you can see, Kotti is a flexible solution if you need a simple but powerful CMS solution based on Python, Pyramid and SQLAlchemy. You may consider it as a simple framework (but easy to understand, don't be scared by the word framework. It is really developer friendly). If you are curious about how to manage contents with Kotti you may play with the demo online: (admin - qwerty).

All posts about Kotti

Kotti CMS - workflow reference

By davide moro ( from Planet Plone. Published on Feb 27, 2015.

Yet another blog post about Kotti CMS ( this time I'm going to talk about workflows and security.

Workflows in Kotti are based on repoze.workflow. See for further information. Basically you can use an xml file (zcml) in order to describe your workflow definition. You can see an example here: A you can see it is quite straightforward adding new states, new transitions, new permissions, etc. You can easily turn your 2-states website workflow into a 3-states website workflow with reviewers or turn Kotti app into an intranet application.

The default workflow definition is loaded from your project .ini file settings (using the kotti.use_workflow settings). The kotti.use_workflow setting's default value is:
kotti.use_workflow = kotti:workflow.zcml
but can change change default workflow for the whole site, register new workflows related to specific content types or disable it as well.

Anyway, if you need to write a Python based CMS-ish application with hierarchical contents, custom content types, workflows, security, global and local ACL (sharing permissions), pluggable and extensible, based on relational databases, developer friendly, with a simple UI, etc... Kotti is your friend!

How to disable the default workflow

Kotti is shipped with a simple workflow implementation based on private and public states. If your particular use case does not require workflows at all, you can disable this feature with a non true value. For example:
kotti.use_workflow = 0

How to override the Kotti's default workflow for all content types

The default workflow is quite useful for websites, but sometimes you need something of different. Just change your workflow setting and point to your zcml file:
kotti.use_workflow = kotti_yourplugin:workflow.zcml
The simplest way to deal with workflow definitions is:
  • create a copy of the default workflow definition
  • customize it (change permissions, add new states, permissions, transitions, initial state and so on)
If your site already has content and you configure it use a workflow for the first time, or you use a different workflow than the one you used before, run the kotti-reset-workflow command to reset all your content's workflow.

    How to enable the custom workflow for images and files

    Images and files are not associated with the default workflow. If you need a workflow for these items you need to attach the IDefaultWorkflow marker interface.

    You can add the following lines in your includeme function:
    from zope.interface import implementer
    from kotti.interfaces import IDefaultWorkflow
    from kotti.resources import File
    from kotti.resources import Image

    def includeme(config):
        # enable workflow for images and files

    How to assign a different workflow to a content type

    In this kind of situation you want to use the default workflow for all your types and a different workflow implementation for a particular content type.

    You'll need to:
    • create the new workflow definition, with a workflow elector
    • write an elector function that will returns True or False depending if the workflow should be applied (otherwise will win the default default workflow, or better, the first matching workflow without an elector)
    • load manually your zcml file in your includeme function
    .ini file (optional)
    kotti_boxes.use_workflow = kotti_boxes:workflow.zcml

    from pyramid.i18n import TranslationStringFactory
    from kotti import FALSE_VALUES

    def includeme(config):
        workflow = config.registry.settings.get('kotti_boxes.use_workflow', None)
        if workflow and workflow.lower() not in FALSE_VALUES:


    From the repoze.workflow documentation: """A workflow is unique in a system using multiple workflows if the combination of its type, its content type, its elector, and its state_attr are different than the combination of those attributes configured in any other workflow."""
    Depending on how specific is your combination you may need to implement an elector (a function that returns True or False for a given context).
    from kotti_boxes.interfaces import IBoxWorkflow

    def elector(context):
        return IBoxWorkflow.providedBy(context)
    <configure xmlns=""

      <include package="repoze.workflow" file="meta.zcml"/>


        <state name="private" callback="kotti.workflow.workflow_callback">

          <key name="title" value="_(u'Private')" />
          <key name="order" value="1" />

          <key name="inherit" value="0" />
          <key name="system.Everyone" value="" />
          <key name="role:viewer" value="viewbox view" />
          <key name="role:editor" value="viewbox view add edit delete state_change" />
          <key name="role:owner" value="viewbox view add edit delete manage state_change" />



          permission="state_change" />



    All posts about Kotti

    Kotti CMS - how to store arbitrary data with annotations

    By davide moro ( from Planet Plone. Published on Feb 27, 2015.

    With Kotti CMS you can extend existing types inheriting from a base class (eg: Document) and obtain another type of object (eg: MyDocument) with new fields, new workflows, custom views, custom addability conditions, etc.

    But sometimes you may want to add a custom field to one or more resources, without having to create a new type. For example you might want to add a colour attribute to all existing Document objects, let's imagine a simple select widget with few colours that will be used for adding a class depending on the choosen colour.

    By default Kotti is shipped with an annotations column that can be used to store arbitrary data in a nested dictionary.

    You can store arbitrary data in the nested dictionary with a syntax similar to the following one:
    context.annotations['SOMEKEY'] = VALUE
    and read annotations with:
    All you need to do is overriding the add and edit form of your target class. With Pyramid is quite easy to extending an existing application and override views, assets, routes, etc. See for further info.

    Here you can see one possible implementation:
    from pyramid.view import view_config
    import colander
    from deform.widget import SelectWidget
    from import (
        LinkActionAddForm as OriginalLinkActionAddForm,
        LinkActionEditForm as OriginalLinkActionEditForm,
    from kotti_actions.resources import (
            colours = [
                ('', 'Select'),
                ('red', 'Red'),
                ('brown', 'Brown'),
                ('beige', 'Beige'),
                ('blue', 'Blue'),

    def add_colour(schema):
        schema['colour'] = colander.SchemaNode(

    @view_config(name=LinkAction.type_info.add_view, permission='add',
    class LinkActionAddForm(OriginalLinkActionAddForm):
        """ Form to add a new instance of CustomContent. """

        def schema_factory(self):
            schema = super(LinkActionAddForm, self).schema_factory()
            return schema

        def add(self, **appstruct):
            colour = u''
                colour = appstruct.pop('colour')
            except KeyError:
            obj = super(LinkActionAddForm, self).add(**appstruct)

            obj.annotations['colour'] = colour
            return obj

    @view_config(name='edit', context=LinkAction, permission='edit',
    class LinkActionEditForm(OriginalLinkActionEditForm):
        """ Form to edit existing calendars. """

        def schema_factory(self):
            schema = super(LinkActionEditForm, self).schema_factory()
            return schema

        def before(self, form):
            super(LinkActionEditForm, self).before(form)
            colour = self.context.annotations.get('colour')
            if colour:
                form.appstruct.update({'colour': colour})

        def edit(self, **appstruct):
            super(LinkActionEditForm, self).edit(**appstruct)
            self.context.annotations['colour'] = appstruct['colour']

    Now our LinkAction add and edit form will have an additional select with our colours.

    All posts about Kotti

    Kotti CMS - how to turn your Kotti CMS into an intranet

    By davide moro ( from Planet Plone. Published on Feb 27, 2015.

    In the previous posts we have seen that Kotti is a minimal but robust high-level Pythonic web application framework based on Pyramid that includes an extensible CMS solution, both user and developer friendly. For developer friendly I mean that you can be productive in one or two days without any knowledge of Kotti or Pyramid if you already know the Python language programming.

    If you have to work relational databases, hierarchical data, workflows or complex security requirements Kotti is your friend. It uses well know Python libraries.

    In this post we'll try to turn our Kotti CMS public site into a private intranet/extranet service.

    I know, there are other solutions keen on building intranet or collaboration portals like Plone (I've been working 8 years on large and complex intranets, big public administration customers with thousands of active users and several editor teams, multiple migrations, etc) or the KARL project. But let's pretend that in our use case we have simpler requirements and we don't need too complex solutions, features like communities, email subscriptions or similar things.

    Thanks to the Pyramid and Kotti's architectural design, you can turn your public website into an intranet without having to fork the Kotti code: no forks!

    How to turn your site into an intranet

    This could be an hard task if you use other CMS solutions, but with Kotti (or the heavier Plone) it will requires you just 4 steps:
    1. define a custom intranet workflow
    2. apply your custom worklows to images and files (by default they are not associated to any workflow, so once added they are immediatly public) 
    3. set a default fallback permission for all views
    4. override the default root ACL (populators)

    1 - define a custom intranet workflow

    Intranet workflows maybe different depending on your organization requirements. It might be very simple or with multiple review steps.

    The important thing is: no more granting the view permission for anonymous users, unless you are willing to define an externally published state

    With Kotti you can design your workflow just editing an xml file. For further information you can follow the Kotti CMS - workflow reference article.

    2 - apply your custom workflow to images and files

    By default they are not associated to any workflow, so once added they are immediately public.

    This step will requires you just two additional lines of code in your includeme or kotti_configure function.

    Already described here: Kotti CMS - workflow reference, see the "How to enable the custom workflow for images and files" section.

    3 - set a default fallback permission

    In your includeme function you just need to tell the configurator to set a default permission even for public views already registered.

    I mean that if somewhere into the Kotti code there is any callable view not associated to a permission, it won't be accessible by anonymous after this step.

    In your includeme function you'll need to :
    def includeme(config):
        # set a default permission even for public views already registered
        # without permission
    If you want to bypass the default permission for certain views, you can decorate them with a special permission (NO_PERMISSION_REQUIRED from which indicates that the view should always be executable by entirely anonymous users, regardless of the default permission. See:

    4 - override the default root ACL (populators)

    The default Kotti's ACL associated with the root of the site
    from import SITE_ACL
    gives view privileges to every user, including anonymous.
    You can override this configuration to require users to log in before they can view any of your site's pages. To achieve this, you'll have to set your site's ACL as shown on the following url:
    You'll need you add or override the default populator. See the kotti.populators options here:


    After reading this article you should be able to close your Kotti site for anonymous users and obtaining a simple, private intranet-like area.

    Off-topic: you can also use Kotti as a content backend-only administration area for public websites, with a complete decoupled frontend solution.

    Useful links

    All posts about Kotti

    Purging some CMFEditions versions

    By Godefroid Chapelle from Planet Plone. Published on Feb 23, 2015.

    How to delete specific CMFEditions versions

    The open horizon

    From Planet Plone. Published on Feb 22, 2015.

    11 years of Plone at UW Oshkosh, and now a new start

    XML Director 0.4.0 release/Newsletter #4

    From Planet Plone. Published on Feb 20, 2015.

    XML Director is a Plone-based XML content-management-system (framework) backed by eXist-db or BaseX.

    How We Made our Site Responsive

    By Chrissy Wainwright from Planet Plone. Published on Feb 19, 2015.


    responsive design header

    The following post was pulled from our Sixie's author archive and has been updated to reflect current practice and standards. Written by our Senior Template Developer, check out how we added Responsive Design the Six Feet Up website and learn a few tricks along the way!

    You can read and see plenty of articles about mobile and responsive development, but this is quite different than actually making an existing production site fully responsive. Here's how I went at it for our own Six Feet Up site, which is powered by the open source CMS Plone.

    The idea was to take our existing design and modify it to look good on mobile browsers.  Previously, the site was using a fixed width at 980px wide. The decision of how the site would look on narrow browsers first went to the marketing team. They decided how the elements would rearrange, and which would be dropped, if any. They came up with a wireframe of the narrow design.

    Six Feet Up's mobile drop-down menu

    I then chose how everything would fall in to place for all the in-between widths. The site continues to be fixed for browsers greater than 1280px, but becomes fluid as you get narrower than that. I then set break points at widths when either something broke the layout, or a column became too narrow.

    The biggest code changes in the site happened to the main_template. Having been upgraded from old versions of Plone, we were still using the tabled version of the site. The table cells were converted to divs, and the divs were arranged to match how they would appear for the narrowest view. The order became content column, right column, left column. Nearly all other site changes were done in CSS, including those for the global navigation.

    A common challenge for developers working on a responsive design can be to get it to actually work in a mobile browser. You can do all your testing using Firefox, and get a decent responsive design together, but it may not work in any other browser.  You may need to add a meta tag for viewport:

    <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1" />

    If you are working with a newer version of Plone, this tag is already part of the main_template.

    For the CSS I prefer to keep all my responsive styles in their own stylesheet so they are easier to find, and don't bloat the primary stylesheet. This can then be added to the registry as its own entry. The media field should be set to all or set the max-width, if all the responsive styles fit in that restriction: screen and (max-width: 1280px). You can check out this site's responsive styles at

    Once you know these tricks, future experiences with responsive design should be much faster.  For me, writing the CSS was the easiest part. One of the most time-consuming parts will likely be getting the client and designer to decide how the site should display at various break points.

    Do you have questions about how to integrate responsive design into your site? Leave us a message in the comments section below or feel free to contact us with any questions.

    Adding SCORM packages to Open edX via SCORMCloud and LTI

    By Nate Aune from Planet Plone. Published on Feb 15, 2015.

    Do you want to be able to use existing training content in an Open edX course? SCORM – the “Sharable Content Object Reference Model” – is a set of interoperability standards for e-learning software that governs how online learning content and Learning Management Systems (LMSs) communicate with each other. It allows units of online training […]