The last couple of months I have been doing a lot of Microsoft Content Management Server (MSCMS) development and I think it definitely allows you to do some cool stuff. For those of you who don't know, MSCMS allows users without any html knowledge or special tools to publish content to a corporate website while maintaining a common look and feel and supporting an approval process for all of your published content.
The product has however some shortcomings and last week the functional analyst of our project stumbled on one of them. For every posting you can define an approval process with authors, editors and moderators, so after an author creates a posting, the editor first approves the layout and then the moderator approves the content (This is a very quick overview). So for about every change, you need to go through this approval process EXCEPT for deletion of postings
The obvious thing todo to disable the delete for authors was to add an ASP.Net panel control around the delete section in the defaultconsole.ascx and put it to visible false when a user had no editor or approve rights. Well this doesn't seem to be very simple:
So basically I'm stuck, anybody any ideas....
In MCMS.Rapid (http://markharrison.co.uk/blog) we will have some changes around Delete - will support a Soft Delete function.
ReplyDeleteIn the past we have created a hidden channel to which only 'users who can delete' have access. This is then checked and if the current user can access that channel then delete is available otherwise it is hidden.
ReplyDeleteWe generally implement this using ad lookup, and only show the delete function if the user is a member of an NT/AD group. Drawbacks are that you are maintaining another group, but having said that in the cases where you want to control delete there are generally only a few people you want to give access to so the overhead is really minimal.
ReplyDeleteIn MCMSRapid, what we've done is you setup a hidden channel, then when a delete is triggered, just move the page to this channel, this is a nice graceful solution, it also wrappers publishing workflow and approval around the delete event without any nasty code just by adding moderators onto the 'SoftDelete' channel.
This kind of circumnavigates the need to hide delete as you can protect the authors and editors from themselves.
TonyS-Artemis