There are a number of permissions that can be applied to a user in Content Publisher. In integration, staging and production environments these are managed through signon. In a local environment permission changes can be made through the Rails console, for example:
irb(main):001:0> user = User.first
irb(main):002:0> user.permissions << User::ACCESS_LIMIT_OVERRIDE_PERMISSION
irb(main):003:0> user.save
All permissions used by Content Publisher are set as constants on the User model.
The access limit feature in Content Publisher allows a publisher to forbid
users outside of their organisation from accessing a document prior to its
publishing. A user with the access_limit_override
permission will be
granted access to all documents no matter what organisation they belong to.
The debug
permission is intended for Content Publisher developers as a means
to view diagnostic information within the application. This is currently
limited to being able to view the edits made in each revision of a document.
The managing_editor
permission acts as a role that is given to users who
are the managing editors for their department. Having this permission
enables users to manage the withdrawing of content and the ability to
distinguish whether content is applicable for history mode.
When content is on GOV.UK and in history mode it can no longer have new
drafts created, and it can no longer be withdrawn. However, users that have the
manage_live_history_mode
permission are granted the ability to perform these
actions.
Content Publisher makes use of a simple feature flag pattern where any features
that are not yet releasable are wrapped in permission
conditionals. This enables incomplete features to be merged
into the codebase and deployed without them being available to all users. When
the feature is ready these conditionals are then removed.
Users who hold the pre_release_features
permission will have access to
these features; this permission is typically only granted to members of the
team developing Content Publisher.