This section discusses the issues that are specific to configuring security for projects and workflows used in ATG Content Administration. It relies on familiarity with general workflow security, which uses the Access Control List mechanism. Workflow security is described in Setting Up Security Access for Workflows in the ATG Personalization Programming Guide.
An individual user’s access to a project and its tasks in the ATG Business Control Center is controlled by his or her access rights to the workflow on which the project is based. For example, to be able to select the option in the ATG Business Control Center that indicates an Author task is complete, a user needs Execute access rights for the Author task in the underlying workflow.
Workflow access rights are themselves determined by roles. For example, in any project based on the Content Administration Process workflow, Execute access to the Author task is given by default to the roles EPubUser, EPubManager, EPubAdmin, and EPubSuperAdmin. Any user who is assigned one of these roles in the ACC can complete the Author task.
Write access lets the user change attributes of a task, such as its priority, owner, and access control list. Execute access grants the user the ability to complete or release a task.
The following list shows the access rights required to perform project- and workflow-related functions in the ATG Business Control Center:
To be able to… | Users need the following access right: |
|---|---|
Create a project |
|
Add an asset to or remove an asset from a project |
|
Assign tasks to other users |
|
Release a task |
|
Complete a task (in other words, change its status in the ATG Business Control Center) |
|
Deploy a project |
|
The following list shows the access rights configured for the default Content Administration Process workflow:
Activity | Granted to the following ACC roles |
|---|---|
Create a project based on this workflow | EPub-User |
Complete the Author task | EPub-User |
Complete the Content Review task | EPub-Manager |
Complete the Deploy task (note that the specific elements of this task varies according to the workflow) | EPub-Manager |
You can change the access rights for entire workflows or individual tasks either by editing the .wdl file for the workflow or (recommended) by opening the workflow in the ACC and editing appropriate elements. The procedure is described in detail in Setting Up Security Access for Workflows in the ATG Personalization Programming Guide.
