Optimizely Content Approvals are a mature and highly configurable feature. However, every project is different, and when designing an optimal workflow for our customers it is important to plan accordingly: the goal is a clean user experience that still adheres to security principles when dealing with access rights.
The principle of least privilege (PoLP) refers to an information security concept in which a user is given the minimum levels of access – or permissions – needed to perform his/her job functions.
This is a key principle that we will take forward in designing our workflow.
Planning Content Approval Workflows
The key to planning an Approval workflow is defining the types of user roles who will be involved in a sequence.
For each user role you define, consider the “Principle of least privilege” when granting them permissions to your Optimizely system. We only want to give each role the access that is absolutely necessary for your approval workflow to function.
Consider the following for each user role you are planning.
- Should members of this user role have access to CMS or Commerce content or both?
- Will the user role be responsible for approving or publishing content or both?
- Can users in a role override the Approval sequence to publish content that has not gone through its full workflow?
In the rest of this series we’ll work through setting up an optimal workflow to meet a requirement.
- The Approval Workflow is to manage Commerce Content only
- Products are added programmatically through an API integration and should enter the approval sequence automatically
- Content is to be approved only by designated language-specific approvers (English, Spanish, French); for example, Spanish approvers can review only Spanish content.
- The approvers have the ability to edit content during the review process
- Content in all languages is published by a user with publishing permissions
Our User Roles
Given this requirement we can define two distinct roles.
Content Approver
- Edits and approves content assigned through a workflow
- Cannot publish content
Content Publisher
- Publishes content in any language once it is assigned in the workflow and approved by a Content Approver
- Does not approve content
- Can, however, override an approval sequence for a product to force publishing even if it has not yet been approved by a Content Approver
Code Base Updates
If you’re not familiar with Optimizely virtual roles, this page explains them: Virtual roles | Optimizely Developer Community (episerver.com)
The “CatalogManagers” virtual role grants access for the Catalog system in Commerce only.
We will define two roles for our system, both of which map to this “CatalogManagers” virtual role:
ContentReviewers – Can review content that has been assigned to them
ContentPublishers – Full permission to publish content. They have the ability to override approval sequences and force publish if required
In the web.config map these roles to the “CatalogManagers” as follows:
<add name="CatalogManagers" type="EPiServer.Security.MappedRole, EPiServer.Framework" roles="ContentReviewers, ContentPublishers" mode="Any" />
Avoid adding these roles to the “CommerceAdmins” virtual role. That should be kept for WebAdmins and Administrators only.
Content Repository Save Actions
The wrong Content Repository Save Action can cause the approval sequence to be overridden.
Review your code base to make sure that content programmatically created that should go through an approval sequence uses the “Request Approval” save action.
_contentRepository.Save(writableContent, SaveAction.RequestApproval, AccessLevel.NoAccess);
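As an added example (not code from the original post), the following import service shows what the review above should find in a code base: every programmatic create or update of a catalog item is saved with SaveAction.RequestApproval so that it lands in the approval sequence, and the SaveAction.Publish variant that would bypass the sequence is left only as a commented anti-pattern for comparison. FashionProduct is an assumed project-specific ProductContent type; IContentRepository, SaveAction and AccessLevel are the Optimizely APIs quoted in the post, and the using directives follow Optimizely CMS 11 conventions.

```csharp
using EPiServer;
using EPiServer.Core;
using EPiServer.DataAccess;
using EPiServer.Security;
using EPiServer.Commerce.Catalog.ContentTypes;

// Added example, not part of the original post.
// FashionProduct is an assumed project-specific type deriving from ProductContent.
public class FashionProduct : ProductContent
{
}

public class ProductImportService
{
    private readonly IContentRepository _contentRepository;

    public ProductImportService(IContentRepository contentRepository)
    {
        _contentRepository = contentRepository;
    }

    // Creates a product under the given catalog node and hands it to the approval sequence.
    // AccessLevel.NoAccess means the integration account's own rights are not checked, so the
    // SaveAction is the only control deciding whether the product goes live. RequestApproval
    // keeps the approval sequence in charge; Publish would make the product live immediately.
    public ContentReference ImportProduct(ContentReference parentNode, string code, string displayName)
    {
        var product = _contentRepository.GetDefault<FashionProduct>(parentNode);
        product.Code = code;
        product.Name = displayName;
        product.DisplayName = displayName;

        // Anti-pattern flagged in the post: this publishes without any approver seeing the content.
        // return _contentRepository.Save(product, SaveAction.Publish, AccessLevel.NoAccess);

        return _contentRepository.Save(product, SaveAction.RequestApproval, AccessLevel.NoAccess);
    }

    // Updates an existing product. Catalog content is read-only once loaded, so the change is
    // made on a writable clone and again saved with RequestApproval rather than Publish.
    public ContentReference UpdateDisplayName(ContentReference productLink, string newDisplayName)
    {
        var current = _contentRepository.Get<FashionProduct>(productLink);
        var writable = current.CreateWritableClone<FashionProduct>();
        writable.DisplayName = newDisplayName;

        return _contentRepository.Save(writable, SaveAction.RequestApproval, AccessLevel.NoAccess);
    }
}
```

When reviewing a code base, the quickest check is to search for every Save call that passes AccessLevel.NoAccess and confirm that its SaveAction is RequestApproval for any content type that is expected to go through an approval sequence.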
In the next post we will proceed to configure Optimizely Access Rights, User Groups, Roles and finally the Approval Sequence to meet our requirement while adhering to the principles outlined at the beginning of this post.