Access, State, and Workflow
State: Its Purpose
Let's say that you've just created a page or folder. In Contents mode, the title text of your new item is green. This is a color code indicating that the item State is "Members Only." It means that only UWMC Radiology Department faculty and staff will be able to see your content. This is the default State for all new content. If that is fine with you and if you would like your item to be viewed only by UWMC Radiology Department members, just leave the State as is.
But what if you'd like a wider, or a more selected, audience? Perhaps readers will be only those Radiology Department members on one particular committee? What if your work is still only a draft, and you prefer to keep it to yourself for now? What if your audience should be public, so that absolutely anyone with Net access can read it? Fortunately, Plone lets you choose your own content privacy level. We are here to tell you how to tap in to it.
State, How to Change It
(We'll explain below what the States are, and what they mean.)
On a Page
In View (not Edit) mode, look at the green edit frame at the top of the page. On the right, you will see a State tab, showing the State of the page or folder right now. Click this tab, and choose the State that you wish. This will also work in View (not Edit) for a folder, to change the state of the folder itself.
In a Folder
Open the folder and click the Contents tab. You can look at the colors of the titles of the items, and determine what State your items have now. To change the State of any item, click the button to the left of its title to checkmark the item. Underneath the list of folder items, on the lower right, there is a Change State tab. Click here, and scroll down. Choose a State, click its radio button, and Save.
What State options do we have?
You can assign any of the following State options to your work. They are listed in order from most open, to most restricted. For each state, the title of your item as shown in Contents mode will match the color given below.
- Public (blue). Anyone on the Net can view this material. For example, the entire Personnel folder is Public. When you go to My Folder and post your office location, photo, and phone, the public can easily search by name and find your page. Note: When title is blue and status is listed as "Published," that's the same thing; Published is just an older term used on older sections of the site.
- (UW) net ID only (teal, which is a greeny shade of turquoise. In older web sections, this will be a slate-gray color instead). Anyone with a UW net ID and password can view your content. This includes all UW students. It also includes some of our Radiology colleagues at affiliated Seattle institutions, such as the Seattle Cancer Care Alliance. This is broader than Members only.
- (Radiology) Members only (green). This is the default view for all new items when they are first created. Only faculty and staff who are listed in the Personnel section of the Radiology website will be able to see this material. You can request special Member access, say for a visiting scholar in your department. Just click the 3rd contact link at the bottom of a web page to contact Web Services.
- Protected (orange). This is also called Pending Review. It means either one of two things.
- A selected set of members can view the material, but these members do not have access to edit content. (In Plone, people who can view but not edit were given the role name Contributors. Yes, this makes no sense. In future versions this role name will change.) The creator of that section, and the creator's team, can add and remove names from the Contributor list at any time. Protected state can also mean...
- Readers can add material, which will then be approved by an administrator for that section. If you go to the Intranet > "$ave a Dollar a Day" section, and add a suggestion to the Forum, your message will be sent to Chris Laubenthal; once he approves the idea, its state will automatically be changed from Protected to Members Only.
- Private (red). This can only be viewed by you and by people with access to create items in that folder. Therefore if you want Private to be really Private, create the material in your own Personnel section in My Folder! (You can easily cut & paste the items to their destination folder later.) No one should have viewing access to your My Folder section -- except the Radiology Web Services team. (The 3 of us need to have access to every item in the site.)
Observations about State
My Folder, Accessing
If you log on to the website and on the top right you see your own Net ID appearing, but you do not see your full name there and do not see the link My Folder on the top right, it means that you like most UW faculty and staff have a level of access known as "Net ID." This allows you to view more items than the public can view, but you will not be able to view most things and will not be able to write or edit anything at all. If you work for Radiology, you ought to be given a My Folder personnel listing which you can freely edit as you like. If My Folder does not appear, check this by finding the Search field on the top right and typing in your name. Probably the search result will be zero. If so, your supervisor will need to put in a request to a Radiology Personnel Manager, asking that you be added to the Personnel listing and providing your Net ID (which is often but not always the same as the first part of your email address before the @ sign), and your Classification (Research, Administrative, etc.). At that point, a Personnel Manager can add you to Personnel.
Where did Public State go?
In folder Contents mode, if you open the Change State option, you may not see the Public option among the choices. That's a security safeguard to confirm that yes, you really do want to go from a more restricted State to a public one. This is why going Public will sometimes take two steps instead of one. In Change State, just choose whichever State is the closest to Public, then Save. Then click Change State again. This time you should be able to Change State to Public.
Trick: If you are already in Net ID Only and wish to go Public, the Change State will offer you Members Only as an option instead of Public. Just click Members Only, and Save. Then Change State again. Next time you should see Public. This is an older glitch of the system that we all just live with.
When you are in the Personnel section (as, when editing My Folder), don’t use the State status button at the top right. That button won’t offer you the usual options because people do not have a state – they are either active staff, or non-active.
Instead, click on the item in the Contents list that you wish to change. Then use the Change State button at the lower right. This opens the Publishing Process page. Scroll down and use the Change State options there.
Links and Related Items
If you add an internal link on page A pointing to page B, and if later on you then go to page B and change its state to a more restricted level, it's possible that readers of page A who click on the link might get an error message and that the link won't work. Plone warns us when we are about to delete a document which will break a link; but Plone will not warn you when you break a link by changing the state of a link destination. Changing state can break links!
Of course, there are times when it is necessary to restrict access to a special item in your section. But when an origin page is in the public state, it is considered good practice to not include links to objects in more secure states directly in the body text of the page. Instead, you can use the helpful 'Related Items' function to link to more secure content so that visitors will actually be able to see the items accessed by the links.
You can also alert your readers by placing an advisory near the link on page A, letting them know that they will need to (for example) log in with a net ID when they click the link, or letting them know that a certain web application form needs to be for the use of department members only.
If you would like to simplify workflow states for your section, or if you would like more security precautions (say, a setting which automatically puts all new items in Private status before review), ask us at Web Services. We're happy to help you with that.
The Theory of It All: The More Advanced Background, from our Web Developer
The UW Radiology website provides workflow tools to assist authors in controlling access to the website. The workflow tool is flexible, powerful and very secure. It is also a bit complex, so let's take a look at the basics.
What is workflow?
Every piece of content in the website has an associated workflow. A workflow consists of states and transitions. States control what rights a particular user has with respect to the piece of content. Transitions move a piece of content from one state to another.
Each state that a piece of content may be in has a particular set of rights that it grants to various users. Those rights can control whether a piece of content may be seen, whether it may be edited, even whether its current state may be changed by the current user. If the content item is a folder, states can also control who may add new items to that folder.
When logged in, the current workflow state of an object may be found in one of three ways:
- Color coding in the navigation menu at the left edge of the screen
- Color coding and name in the 'state' menu in the green frame
- Color coding and name in the contents table shown on the contents tab of the folder which contains the object
Transitions take a piece of content from one state to another. Some states have only one possible transition, others may have many. Making a transition from one state to another is done by clicking on the 'state' drop-down menu in the green frame. When the menu opens, simply select the transition you wish to make, and the webpage will reload. When it does, the object will now be in a new state.
What does the default workflow offer?
The default workflow for the UW Radiology Website has five states:
- Public (indicated by blue text)
- NetID Only (indicated by teal, or sometimes by blue-gray, text)
- Members Only (indicated by green text)
- Protected (indicated by orange text)
- Private (indicated by red text)
Each of the states offers a different level of protection. As a rule, in all states the 'Owner' of an object (the person who originally created it) retains the right to edit, delete and change the state of the object. In addition, other individuals may gain this same right by virtue of inheriting the right from higher up the folder hierarchy (more on this later)
The public state is the most open state possible. In this state, any visitor to the site can view the content object. When an page is in the public state, it is good practice not to place links to objects in more secure states directly in the body text of the page. Instead use the 'Related Items' function to link to more secure content so that visitors are not invited to click on links they will not be able to view.
When an object is in the NetID Only state, it may only be viewed by persons who have logged in to the website using a UW NetID. This means that anyone at the University may view the object, but only when logged in. When pointing people to content in this state, it is advisable to inform them that they will be required to log in to view it. As above, it is advised to use the 'Related Items' function to link to more secure content from objects in this state.
Searches using the website search bar will not show items in this state to persons who are not logged in, nor will they be able to find them using the Site Map.
This is the initial state for all new content in the radiology website. Content items in this state are only visible to people who are listed in the website personnel directory. If there is a need to grant access to such an item to a person who is not an employee or student of UW Radiology, please contact the Radiology Web Services team for assistance.
The protected state provides highly configurable protection for your content. In this state, permission to view the object may be granted to groups or individuals who are members, but by default only the owner of the object has the right to view it. Users granted the right to view the object will still be unable to edit the object.
A Private object is effectively invisible to anyone except the owner of the object. As with any state, 'Owner' is generally the person who created the object, but may also be persons who inherit the role from above in the folder hierarchy. By definition, anyone who can see an object in this state may also edit it.
May I use different workflows for different items of content?
Yes. The workflow system for plone allows for designating workflow either by content type (page, folder, image, etc) or by location in a site. This means that you may override the default workflow for a section of the website by assigning a new workflow for objects contained inside a particular folder.
Some of the changes you might wish to enact:
- A Simpler Workflow: perhaps you don't need all the fancy states, but rather want all the content in your area to be immediately public. Or perhaps you want to have all the content in your area be members only, and don't want to allow for other states.
- Editorial Control: perhaps you wish to exert some control over what gets published in your area of the website. The default workflow allows the owners of an object to move it to any state on their own. However, it is possible to use workflow to require authors to submit items for review before publishing them.
The possibilities are nearly endless. If you have need for this type of customization, please contact
Radiology Web Services. We will be happy to assist you.