In this article I’m going to describe an approach that we’ve taken creating a solution for a universal workflow requirement. The idea was to create one workflow for all content items as they all would follow the same workflow process.
Here is a use case that came from one of our wonderful customers:
- All content items should have the same workflow process.
- Different security roles may have or not have access to a workflow state at different parts of a content tree.
- Workbox should respect aforementioned security configuration.
To understand what access rights provide editing permission to the user let’s take a look at the way Sitecore resolves access level to a content item.
- Check if a user has Read (item:read) access to an item. If so, the user will be able to see the item in a Content Editor.
- Check if the user has Write (item:write) access to the item. If the item is in workflow, check whether the user has Write access to a workflow state the item is in (workflowState:write). If either of those access rights is not granted, reclaim modification access.
As you can see both Write and Workflow State Write access rights are required for a user to edit the item.
This is the approach we came up with to address all the requirements. We can meet all requirements by extending standard Workflow class and using it to run workflow process.
First. Define additional access right that along with Workflow state Write one would determine access to items in workflow at different parts of the content tree. In this approach we decided to use “workflowState:write” access right which is available only to workflow related items by default. In this case the only thing we need to do is to make it available for all of the items. And it could be easily configured in web.config file:
Now you can set this right for any item in Security Editor. Just don’t forget to add an appropriate column to see it there.
Second. Extend default Sitecore.Workflows.Simple.Workflow class to take into account new security configuration.
To provide an ability to choose whether access to a workflow state should be combined with access to a content item, I extended System/Workflow/State template with a checkbox field that indicates whether a custom logic should be triggered. Here how it looks now:
I extended WorkflowState class with an appropriate property for the new field.
Now in order to make Sitecore use our new Workflow class we need to override WorkflowProvider to return our extended Workflow instance.
Third. Configure Sitecore solution to work with this customization. Below is a complete example of UniversalWorkflow.config file that could be placed into /App_Config/Include folder to enable this customization:
Why is this solution is worth to blog about? Because it allows us to address all the requirements by customizing only one thing – Workflow class. Both Workbox and Content Editor will respect security configuration if “check required” field is selected on a workflow state item.
Feel free to share your thoughts on this approach as well as suggest improvements or even better solution.
Hope you find it helpful.