Often the sample workflow provided with Sitecore can be all you need, but often times the client wants much more flexibility, especially when dealing with multi-regional or multi-departmental organizations. In our case these were the workflow states and commands that were required:
This is quite self-explanatory. To function, the workflow above requires the creation of 4 roles: an Editor role, an Approver role, a Proofreader role and a Publisher role.
What complicated things was that the client wanted a separate set of roles for each of their regions. In other words, with a naive implementation, we would have needed to create a quite large number of roles:
total number of roles needed = 4 x num of site regions
A post by Rick Cabral inspired the following implementation, which ensures that each of our security roles addresses one and only one of the following concerns:
- Rights to Items (which section of the content tree a role has access to)
- Rights to Workflow States / Commands
- Rights to Sitecore features
Using this approach we need only:
- (num of regions) roles to handle content
- 4 roles to handle workflow
So these are the roles that we have create to handle the workflow:
Let’s take a look in particular at the Content Editor settings in the Security Editor, to see how to set correctly access levels:
This allows the editor to work only with items that are in Draft state and it gives the editor access to be able to Submit for Approval.
Content wise, here are the security settings for the Access to Region 1 security role:
Then, if we want to create a user that is a content editor just for region 1, all we have to do is to make the user member of both the Content Editor role and the Access to Region 1 role: