Issues with workflows
When trying to tighten the security to appropriate level (author only gives go-ahead, without editing anything), I found two problems (by using two step authorization). First one is critical/serious level of bug (as there ain't possibility to create a pure authorization user), the latter is more of an inconvenience.
- authors are not allowed to author the pages (the pages menu shows up, but all pages are gray.. although group pages can be clicked - which probably is a bug of it's own). This despite adding view and edit rights to pages. The only way to be able to allow authors to actually authorize the draft to go to next step is to add authors into editors-group.
- In two step workflow, there is no publisher class created. This means that it has to be manually entered, including all necessary permissions (which in their own are an issue in this case).
The way to recreate this bug is simple, albeit bit long:
-create new project
-complete the setup and then go to settings -> workflows
-create 2 step authorization for pages
-give the rights to first step for authors
- (check for confirmation that there ain't specific user group to add for second phase, fixing requires creating such a group or just using admins or specific users instead)
-create 2 new users (1 who only belongs to author and 1 who belongs to editors)
-sign out as admin and back in as editor
-create new group page and a normal page underneath it & send the latter for approval
-sign out as editor and sign back in as author
-go to pages menu to notice the new pages are both gray
-clicking the normal page does nothing, clicking group page brings up it's options
-hence the authors can't authorize the page for next step
(to fix.. sign out as author and get back in as admin, add the author user also to editors, then sign back into system as the author and now you can authorize the draft to go to next page.. so far I have not been able to come up with any rights that would have granted possibility for author to go to authorize the page, even trying giving all possible rights without adding the editors-role)
Thank you for reporting this issue. This is a bug and I’ve already logged into our bug tracking system.
The author’s role is designed for users who add content, but cannot edit the pages. That’s why in your case the Author user sees all pages in View mode but can’t edit them.
Here is a summary of the roles we have: