In my Sitecore workbox admin can perform "Approve", "Reject" actions from workbox.
By default workbox displays "Approve All", "Reject All" buttons.
Is there a way to control access to these "All" buttons for certain roles by configuring security?
There is no easy way, because these all buttons are rendered always together with selected buttons. The only way I know is to override class that renderes these buttons.
You need to find \sitecore\shell\Applications\Workbox\Workbox.xml file and change base class in this line to your own class:
<CodeBeside Type="Sitecore.Shell.Applications.Workbox.WorkboxForm,Sitecore.Client"/>
I created one, that always hides all buttons:
public class WorkboxForm : Sitecore.Shell.Applications.Workbox.WorkboxForm
{
protected override void DisplayState(global::Sitecore.Workflows.IWorkflow workflow, global::Sitecore.Workflows.WorkflowState state, global::Sitecore.Data.DataUri[] items, System.Web.UI.Control control, int offset, int pageSize)
{
base.DisplayState(workflow, state, items, control, offset, pageSize);
if (control.Controls.Count > 0)
{
var borderControls = control.Controls[control.Controls.Count - 1].Controls;
for (var i = 0; i < borderControls.Count; i++)
{
if (i % 2 == 1)
{
borderControls[i].Visible = false;
}
}
}
}
}
= REST OF THE ANSWER TELLS HOW TO MANAGE ACCESS TO WORKFLOW STATE BUTTONS =
You can define access to these buttons in Security Editor.
First login to Sitecore Desktop as an admin, go to Start->Security tools->Security editor. Select role and click Columns button:
Make sure this checkboxes are checked:
Then in Security Editor go to /sitecore/system/workflows and configure access rights for your workflow:
According to Workflow Reference:
3.4 Workflow and Security
Sitecore defines three workflow specific access rights.
Workflow State Delete — controls whether or not a user can delete items which are currently associated with a specific workflow state
Workflow State Write — controls whether or not a user can update items which are currently associated with a specific workflow state.
Workflow Command Execute — controls whether or not a user is shown specific workflow commands.
Related
I have an interactive grid that is updated via custom javascript when the user clicks the custom toolbar button. Then the result is saves using grid's save button via a process. After the process runs, the old data (present before the update) gets displayed until the grid is refreshed manually. My question is what is the best way to kick off the grid refresh manually after update process finishes?
I came across the same problem of refreshing the grid after click on SAVE.This is how it can be resolved.
Follow the steps below :
Create Dynamic Action
When → Custom
Custom Event → interactivegridsave (Do not change this)
Selection Type → Region
Region → your IG region
Now create a true action for the Dynamic Action.
Action → Refresh
Selection Type → Region
Region → your IG region
Please make sure the event name interactivegridsave is spelled correctly as the interactivegridsave fires after the execution of SAVE process.
solution by #Prashant_417 work successfully with me, but instead of refresh region i submit the page
0
I came across the same problem of refreshing the grid after click on SAVE.This is how it can be resolved.
Follow the steps below :
Create Dynamic Action
When → Custom
Custom Event → interactivegridsave (Do not change this)
Selection Type → Region
Region → your IG region
Now create a true action for the Dynamic Action.
Action → submit page
Please make sure the event name interactivegridsave is spelled correctly as the interactivegridsave fires after the execution of SAVE process.
thanks u
Try this:
1- Create an item, for example, P1_FLAG.
2- Create a dynamic action.
Name: refresh_ig
Event: Change
Selection Type: Item(s)
Item(s): P1_FLAG
In Client-side Condition:
Type: Item = Value
Value: 1
3- Create TRUE Action.
Action: Refresh
Affected Elements
Selection Type: Region
Region: Your interactive grid region.
4- Create TRUE Action.
Action: Set Value
Set Type: PL/SQL Function Body
PL/SQL Function Body: Return null;
Items to Submit: P1_FLAG
Selection type: Item(s)
Item(s): P1_FLAG
Finally, in your process
:P1_FLAG := 1;
I've written some code to refresh an index when an item is programmatically added to Sitecore. Now as the live system is made up of 1 CM and 2 CD Servers I need my code to also trigger the indexing to be refreshed on the CD Servers (unfortunately my dev machine is just a single box so I can't test this fully). I've looked online but can't find anything about this when triggering a re-index programmatically.
So the question is do I need to write code for this or does Sitecore do this by default and if I do need to write code, does anyone have ideas how I go about this. My current code is below.
ISearchIndex index = ContentSearchManager.GetIndex("GeorgeDrexler_web_index");
Sitecore.Data.Database database = Sitecore.Configuration.Factory.GetDatabase("web");
Item item = database.GetItem("/sitecore/content/GeorgeDrexler/Global/Applications");
index.Refresh(new SitecoreIndexableItem(item));
My config for the index has the remotebuild strategy enabled
<strategy ref="contentSearch/indexConfigurations/indexUpdateStrategies/remoteRebuild" />
As #Hishaam Namooya pointed out in his comment, publishing from master to web should trigger the web index updates out of the box, unless you've disabled something in the configurations.
Note that items won't publish unless they are in a final workflow state, so if you want a completely automated process that creates the item, updates the local index, and then immediately updates the web index, you will also need to update the workflow state to your final approved state and then trigger a publish of the item.
I want to test out the Sample Workflow in Sitecore 8. This is what I have done so far:
Insert the sample workflow in the standard values of the template
Created two test users: Test Editor and Test Approver
Created two roles: SubmitionRole and ApprovalRole
In Security Editor I assigned Read, Write access including the 3 workflow rights to the Draft state for the SubmitionRole role and assigned this role to Test Editor
In Security Editor I assigned Read, Write access including the 3 workflow rights to Awaiting Approval and and Approved states for the ApprovalRole role and assigned this role to Test Approver
Then I created an item from that template with the Test Editor and the item went into the Draft state. So I submitted the item in the Workbox.
Now when I log in with the Test Approver, there's nothing in the Workbox. I can see the Workflow and its Approval State in the Workbox, but there's nothing inside it. As admin I can see the item waiting in the Approval state.
Here is a screenshot of the Access Viewer for the Test Approver:
What am I missing here?
Ensure that your user/role has language read and write access to the relevant item languages located under /sitecore/system/Language. The Language Read and Language Write are a separate set of fields which you can expose in the Security Editor by selecting them from the "Columns" option. The content approval role needs both Language Read and Language Write on the relevant language items:
You don't need to assign Write access to the workflow state items (Awaiting Approval and Approved). This means that ApprovalRole is allowed to edit those items, not items in that state.
What you need to set is:
Workflow State Write for the Awaiting Approval state (controls whether or not a user can update items which are currently associated with a specific workflow state)
Workflow Command Execute for the commands below Awaiting Approval state which should be allowed for the role (controls whether or not a user is shown specific workflow commands)
Write access to the item itself (the one that was submitted from the Draft state to the Awaiting Approval state).
And that should be it.
.
In my Sitecore workbox, there are several workflow states being displayed. (Draft, Awaiting, Approved)
How can I restrict acess only to one/few(Draft) workflow states for a particular role (e.g. Junior Manager) in Sitecore?
(I m using v6.5)
Yes, you can. To be able to see the various workflow states you'll need read access to that workflow state as well as write access to the item you want to approve/ reject.
From the Workflow Cookbook (chapter 3.1 and 3.2):
3.1The Content Editor and Workbox only displays workflow commands for
non-Administrator users when: The user has write access to the
associated item. and The user has write access to the command’s parent
workflow state. and The user has read access to the workflow command
itself.
3.2 Users who have read access to a workflow state can see that state in
their workbox as long as the state includes workflow commands for
which they have command execute access rights. If business
requirements state that a particular workflow state should be hidden
from a given set of users, you can restrict access to that state for
those users by: Hiding all the workflow commands in the state from the
users in question. or Explicitly hiding the workflow state itself from
the users in question. To explicitly hide a workflow state: Turn off
the inheritance access right for the workflow state item and do not
grant read access to the workflow state to the user and all the roles
assigned to the user. or Deny the user or one of the roles that the
user is assigned read access to the workflow state item.
We have different areas of our site that we have locked down to specific users. So for example, a user that is a member of the sitecore role 'UK_Editor' can see all other countries content (they only have read access). However, on the UK area they have full access.
The problem is, the user can still go to another Countries content, and the 'publish' button is still available.
Is there a way to restrict this?
Sitecore v: 6.5.0
You could test out enabling the Publishing.CheckSecurity config setting, should prevent users from being able to publish another sites content with the correct roles applied.
<!-- PUBLISHING SECURITY
Check security rights when publishing?
When CheckSecurity=true, Read rights are required for all source items. When it is
determined that an item should be updated or created in the target database,
Write right is required on the source item. If it is determined that the item
should be deleted from target database, Delete right is required on the target item.
In summary, only the Read, Write and Delete rights are used. All other rights are ignored.
Default value: false
-->
<setting name="Publishing.CheckSecurity" value="true" />
You might be able to override the QueryState of the PublishItem class (in Sitecore.Shell.Framework.Commands)
Read this question for a bit more information.
You'll need to return CommandState.Hidden if you want the button to be hidden. You'll need to think of something smart to make sure they can all publish the content in their language, but not in someone elses.
[edit]
It might be possible to do something like if (Sitecore.Context.User.IsInRole('sitecore\englisheditor') && context.Items[0].Language == Sitecore.Data.Managers.GetLanguage('en')) {return base.QueryState(context)}
Otherwise you can return CommandState.Hidden. I'm not entirely sure about the second part of the if statement though.
Take a look at the following blog post, it describes how to security control the UI items associated with publishing in the core database.
http://www.cognifide.com/blogs/sitecore/why-and-how-hide-publish-site-buttons-in-sitecore/