Hello everyone, For those who haven't seen the new replacement for CChannelManager (UP-2047), our new portlet administration portlet offers some new portlet lifecycle features. Administrators will now be able to move content through a structure workflow that contains the following states: created, approved, published, and expired. These states are described in detail at http://www.ja-sig.org/wiki/display/UPC/Portlet+Lifecycle.
While end users will presumably only be able to see channels with a lifecycle state of "published," it would of course be helpful to allow administrators, content owners, and fragment owners to be view unpublished content while it's being developed. We might want to render the chrome separately to make sure these special groups of users can differentiate between content currently available to end users and that which is not yet published. However, before we get to that step, we need to update our permissions model to support configurably displaying unpublished content by user group. This work is currently represented by JIRA UP-2499. This issue also intersects in potentially interesting ways with our existing logic for determining whether a user should be able to subscribe to a channel. Currently we don't allow users to subscribe to channels which are members of the top-level "All Categories" category, though they are still able to view these channels. In the past, these channels were also not able to be administered through the channel administration tool, though we've fixed that as part of the UP-2047 work. Even with the added ability to administer these channels, I believe it's still the case that fragment layout owners will have trouble subscribing to these "hidden" channels, and it seems like this behavior is likely to be confusing. While we're already making changes to the channel permissions, it might make sense to separate out the subscribe and render channel permissions. >From looking through the codebase, it appears that both the ChannelManager and user layout code defer to AuthorizationImpl.canPrincipalRender(IAuthorizationPrincipal principal, int channelPublishId), which in turn defers to AuthorizationImpl.canPrincipalSubscribe(IAuthorizationPrincipal principal, int channelPublishId) to determine if a user may view an individual channel. It looks like if we update AuthorizationImpl, our changes should be applied in both places. I'd like to propose the following new channel permissions: SUBSCRIBE_CREATED SUBSCRIBE_APPROVED SUBSCRIBE_PUBLISHED (replaces current general SUBSCRIBE permission) SUBSCRIBE_EXPIRED RENDER_CREATED RENDER_APPROVED RENDER_PUBLISHED RENDER_EXPIRED Once these permissions are all available, they could be assigned to specific groups and channels/channel categories to allow administrators, content owners, and fragment layout owners to subscribe to and render content not currently available to most users. We could also use these enhanced permissions to eliminate the magical top-level channel category behavior. Instead, content like the login channel could be placed in a special group for which end users have render permissions but no subscribe permissions. Does anyone have foresee problems with this approach or have suggestions for improvement? - Jen -- Jen Bourey -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/uportal-dev
