[DOCU-149] How to protect a public instance from unauthorized activation Created: 29/Apr/11  Updated: 13/May/11  Resolved: 13/May/11

Status: Closed
Project: Documentation
Component/s: content
Affects Version/s: None
Fix Version/s: None

Type: Task Priority: Neutral
Reporter: Antti Hietala Assignee: Antti Hietala
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Template:
Acceptance criteria:
Empty
Task DoR:
Empty
Date of First Response:

 Description   

Write a best practice for preventing unauthorized content activation to public instance. The default Magnolia way to solve this is with an activation workflow. Permissions to activate and approve content are granted to distinct groups of users - typically editors can activate and publishers can approve.

This is already explained somewhat in Workflow and inbox access but the question keeps coming up in RFPs often enough that we should write a dedicated answer. You can revise the existing article, new page not necessary.

Points to cover:

  • Activation workflow. Can have multiple: website, dms etc.
  • Organizing responsibilities through groups and roles. Talk about the default roles since they work fine to solve this issue.
  • How to grant/restrict access to Activate command
  • How to grant/restrict access to workitems in inbox
  • How to grant/restrict access to Approve command


 Comments   
Comment by Ruth Stocks [ 07/May/11 ]

Revised "Workflow and Inbox access" section at http://docuauthor.magnolia-cms.com/administration/security/acl-examples.html#WorkflowandInboxaccess

Comment by Antti Hietala [ 13/May/11 ]

Reviewed article and made a few changes. Closing.

Generated at Mon Feb 12 01:06:23 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.