Skip directly to content

More Blog Posts

Policy of Truth - David Diers

on Saturday, 13th July 2013 - 9:50

NYC Drupal Camp 2013

Workbench (Moderation and Access) for basic and complex workflows in Drupal (A Talk by David Diers @beautyhammer

Complex and simple workflows.

Workflows (Websters Dictionary)

Workflow - space and time in which it needs to be done. 

University of Texas at Austin - University Policy Office; works with President's office and Legal Services

Old system -> Modern system

Outdated information in static HTML

Contribute and edit content

Complex process into Drupal

Frisbee game workflow - Policy created, then read by different entities, revised by legal, reviewed and signed by president and auxiliary groups, publish or archive.

Diving into business logic and domain knowledge to distill the findings for the developers

Foster understanding:

Paper based prototypes (balsamiq) for the client

Personification using characters to illustrate roles, relationships, and permissions "The Jetsons"

Constant communication, finding boundaries, actual and anticipated.

People think like they work - prefer implementaiton over abstraction, complete features over drafts

Workbench - imporvements from base Drupal for managing workflows 


Manage states between unpublished and published (with transitions)


Node access based on permisssions and membership in a hierarchical taxonomy or menu system

Stanford's Dean of Research

Content producer, Content approver, Content admin

Workbench limitations - needed other APIs such as CTOOLS, panels, contexts, taxonomy, node permissions, views, menus, and theming to fill the gap

Challenges & Solutions

High Variable Workflow

A->C, C->F, F->A, etc. 

  • Transition management, transitions do not control access -> twice the maintenance
  • moderation history damaged if revisions are deleted
  • transition steps(approvals) require node editing access

Workbench Access provides taxonomy-based access BUT

  • Tradtional Access models are based on static relationships to nodes (categories, business areas, etc)
  • Recommended permission settings are over permissive
Workbench on its side: "Moderating" with Access
Taxonomy-based workbench access scheme mirrored UPO constituents
Node changes taxonomies and provides access to individuals in that taxonomy, when removed - access removed.
Actions when passed frisbee as "Legal" different from actions available to same user who is passed frisbee as "Policy Owner"
Roles combined to access taxonomy group... combination of permissions from role, placement in tax. hierarchy... their write/edit permissions would be set
Draft, In Review, Published
Moderation states trigger, not govern, the workflow
"Fwd to review group" - drop down field changes taxonomy, workflow is separate, you could have a timed review limit, add a message ability, add an attachment
Rotate workbench on its side to moderate with access, use helper nodes... 

More Relevant Dashboard

Flashlight & map - here's where you are - here's where you need to go

Conceptual Divergence from core provided and workbook provided dashboards (too passive, non instructive, state not action based, no role based context)

Needs: Curate Owner and Sponsor Portfolios of published policies, Relate and expose supporting nodes of policies in review, Integrate related management featrures to provide context for admins

Created a site specific policy dashboard, Action needed table - policy type, links to view draft, workflow checklist, group discussion

A frisbee-friendly policy dashboard

How do users know what to do?

Managing Permissions

Sensitive information being protected

Concept of a "Review Group"

Did not grant "edit any content"

Custon Ctools access plugins to interpret taxonomy traversal 

Augmented workbench node access restrictions

Allow non-editors to view unpublished content

Owners and sponsers were the exception