Personal tools
You are here: Home Documentation How-tos Setting permissions with workflow
Support

Get Help

Join our chat rooms or support forums if you have more specific questions.

Plone Training
Learn how to design, build, and deploy a website in Plone through one of the numerous Plone training sessions around the world.
Find Plone training…
 
Document Actions

Setting permissions with workflow

This How-to applies to: Any version.
This How-to is intended for: Integrators, Customizers

Describes how to alter object permissions based on workflow states.

You can control the access to portal objects based on:

  • Location - use Local Roles tab on the folders to control which users are considered reviewers, owners, managers, etc.
  • State (Publishing status) - use permissions on a workflow to define which roles have access in each state.

The following instructions will show how to copy and modify a workflow to restrict access. By default, objects that are in a visible or pending status are viewable by any logged in user. I did not want to make that content available until it was officially published, however, certain users need access to certain areas (folders) in order to add, revise and publish the content they are responsible for. I used Local Roles to give specific users status in a folder as reviewers, owners, or managers.

  1. In the ZMI, go into your Plone folder, then into "portal_workflow".
  2. Note the name of the workflow that is specified for the object you want to control. If this is "(Default)", then the name is in the bottom field. This name is probably "plone_workflow".
  3. Click on the "Contents" tab
  4. Check the box next to the workflow you noted above, then click the copy button.
  5. Click the paste button that appeared after you did the copy.
  6. Rename the new workflow to something meaningful.
  7. Click on your new workflow.
  8. Click on the "States" tab.
  9. For each of the states you want to change permissions for:
    1. Click on the state name.
    2. Click on the Permissions tab.
    3. Uncheck the " Acquire permission settings?" boxes.
    4. Change the other permissions as desired (or as shown below if you want to duplicate my workflow).
  10. Go back into "portal_workflow".
  11. Change the value of the workflow field to the name of your new workflow for any objects you want to have affected (or just change the default).
  12. Click the "Change" button.
  13. Click the "Update security settings" button.
  14. Test the access on object types that use your new workflow.

Pending State

Permission name

Anonymous

Authenticated

Manager

Member

Owner

Reviewer

Access contents info

X

X

X

Modify portal content

X

X

View

X

X

X

Private State

Permission name

Anonymous

Authenticated

Manager

Member

Owner

Reviewer

Access contents info

X

X

Modify portal content

X

X

View

X

X

Published State

Permission name

Anonymous

Authenticated

Manager

Member

Owner

Reviewer

Access contents info

X

X

X

X

X

X

Modify portal content

X

X

X

View

X

X

X

X

X

X

Visible State

Permission name

Anonymous

Authenticated

Manager

Member

Owner

Reviewer

Access contents info

X

X

X

Modify portal content

X

X

View

X

X

X

Note that there may be more permissions available, depending on what products you have installed. However, the principle is the same for all of them.

by Alan Runyan last modified February 4, 2006 - 17:43 All content is copyright Plone Foundation and the individual contributors.

For any issues with the web site functionality, please file a ticket.

Please consult the policy on plone.org content if you want your content published on this site.

Servers and hosting by