Xv ocd2010-jsharp


Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Xv ocd2010-jsharp

  1. 1. Multi‐Departmental  Multi Departmental Authoring in Drupal g p Jason Sharp (@soawiz) President, Crossvale, Inc. President Crossvale Inc jsharp@crossvale.com www.crossvale.com http://facebook.com/crossvale
  2. 2. Outline Introduction Case Study Highlights Implementation Tutorial I l t ti T t i l Recap 2
  3. 3. Introducing Crossvale Proud Platinum Sponsor of OpenCamp Crossvale’s technical sweet spots:  S ft Software integration i t ti  Automated workflows  Enterprise portals and Web applications Headquartered in the DFW metroplex We want to work with YOU O  If you need a teaming or prime partner  If you want to sell through a GSA Schedule 70  As we need responsible and capable specialists 3
  4. 4. Case Study: Employee Portal “Crossvale delivered our employee enterprise portal in just two months, on time and on budget. We now have a modern, effective intranet portal to support our 5000 employees and 14 departments, providing a central location for all forms, policies, guides, news, and more!” Dan W., Director Employee Communications Portal went live with the corporate rebranding at the start of the year The #1 reason we won it: Time to market  Completed in less time than a technical evaluation  Cost savings vs. commercial software, and especially the additional man-hours, were beyond compelling 4
  5. 5. Employee Portal Highlights The home page for 5000 employees Supported on IE6 (now IE8) and FireFox Provides ll P id all employee communications, policies l i ti li i and guidelines 14 departments with non-technical authors  E.g. HR, IT, Finance, Legal, Security… 2000+ nodes of content 1800+ binary documents and videos 5
  6. 6. Some Employee Portal Features… LDAP (Active Directory) authentication Dynamically evaluated roles for content access  I t Integrated with the HR W h t d ith th Warehouse Public/private file system Sarbanes-Oxley (SOX) Compliant Banners, links and resources related to current content and role Live stock market updates  Integrating Yahoo! Finance 6
  7. 7. …Some Employee Portal Features Many, Many many content types Company-wide live webcasts Video library archive Vid lib hi Bulk pre-configured quotes of the day Integrated search support for users, nodes, and attachments/binaries Printer-friendly and PDF generation from pages Drupal version: current (6.19 as of printing) p ( p g) Module Count: 70+ 7
  8. 8. Goal: Departmental Authors Departmental authors can only author content that belongs to their department Within their department departmental authors can department, access each other’s content, even if it is unpublished Devise a repeatable, scalable approach to managing this capability Devise a manageable way for authors to review the content for which they are responsible 8
  9. 9. Implementation Roadmap 1. 1 Departmental Content 2. Departmental Authors 3. Multiple Authors 3 M lti l A th 9
  10. 10. 1. Departmental Content At its simplest, Drupal can segment nodes by simplest content type  But it is too limiting to design departments with their own types Departments each have use for most of the same content types:  E.g. banners, news, pages, books, forms, policies, guides, videos, links, etc. 10
  11. 11. Approach: Departmental Content Keep universal content types across departments Discriminate by a custom field specifying the department to which the node belongs When a node is created, the author specifies the department field Policies, filtering, grouping, etc. can then be applied i a d li d in departmental f hi t t l fashion 11
  12. 12. Module: Taxonomy Part of the Drupal Core Taxonomy provides for Core, the categorization (i.e. tagging) of content  Enables cool capabilities with Views Token and other Views, powerful modules Create a Department vocabulary specifying: vocabulary,  To which content types it applies (e.g. Pages)  That it is required Add vocabulary terms: Finance, HR, IT, etc. 12
  13. 13. Module: Content Construction Kit (CCK) CCK is used to extend content types with tailored fields Essential for tailored rich content types tailored,  Control for clean forms and display settings http://drupal.org/project/cck htt //d l / j t/ k Enable these essential module components:  Content, Number, Option Widgets, Text Not related to taxonomy, unless you add… 13
  14. 14. Module: Content Taxonomy… Content Taxonomy enables the addition of fields that map to taxonomy vocabularies Such fields can support automatic tagging  You can choose content and/or taxonomy http://drupal.org/project/content_taxonomy htt //d l / j t/ t t t Enable these module components:  Content Taxonomy, Content Taxonomy Options 14
  15. 15. …Module: Content Taxonomy Create a “Department” taxonomy field for your Department content types, specifying:  It is Required and has only 1 value  Save values additionally to the core taxonomy system  It contains terms from the Department vocabulary Move the field to just after the Title field  Easier for authors to initially and obviously designate content if these two fields are first 15
  16. 16. Result: Departmental Content… Our new content  & taxonomy field 16
  17. 17. …Result: Departmental Content Configure CCK “Display  Fields” to [un]display this  new field as desired fi ld d i d 17
  18. 18. 2. Departmental Authoring After setting up departmental content enable content, security policies for departmental authors For a simplified and repeatable approach:  Create a generic (think “base”) author role granting only content creation permissions  Create specific department author roles granting editing p g permissions based on taxonomy y  Assign users to the base AND their specific role But how to associate permissions based on taxonomy? 18
  19. 19. Module: Taxonomy Access Control (TAC) Taxonomy Access Control enables access policies to content based on taxonomy attributes http://drupal.org/project/taxonomy_access http://drupal org/project/taxonomy access Enable the one module component:  T Taxonomy Access Control A C t l Next, configure security roles:  /admin/user/taxonomy_access 19
  20. 20. Configure a Role with TAC… 1. Select the new  taxonomy term 3. Add this new  3 Add this new setting to this role 2. Specify the  permissions 20
  21. 21. …Configure a Role with TAC 4. Be sure to save  your changes! 21
  22. 22. Result: TAC With TAC enabled, only the granted taxonomies are made available. 22
  23. 23. Testing Best Practice: Masquerade Create dummy accounts of various roles then roles, test via masquerade Masquerade enables an entitled user to assume the identity of another http://drupal.org/project/masquerade http://drupal org/project/masquerade Enable the one module component:  Masquerade Next, add the Masquerade block 23
  24. 24. Using Masquerade Use the masquerade  Use the masquerade block to switch user IDs Switch back when  finished. Use the URL if  your user can’t see the  switch back options. /masquerade/unswitch 24
  25. 25. Bonus: Pre-populating Department Pre populating Q. Q How can we pre populate the Department field pre-populate from the role membership of the author? A. A Specify the default value with PHP: // map from author role name foreach ($user->roles as $key => $my_role) { // to dept term id p switch ($my role) { ($ y_ ) $map_role_to_dept["HR Author"] = 4; case "HR Author": $map_role_to_dept["IT Author"] = 7; case "IT Author": ... $my_department = $map_role_to_dept[$my_role]; // access current user info break; global $user; } } // determine visitor’s dept return array( 0 => array( $my_department = 0; 'value' => $my_department)); 25
  26. 26. Bonus: Restricted Visitor Access Restrict visitor access by:  Non-union employees vs. union, manager, departmental employee, departmental manager, etc. Use TAC for View access on visitor roles  Just like Add/Delete access on author roles But don’t forget to first:  Add a Restricted vocabulary and add a matching content field  Setup the author permissions with this vocabulary 26
  27. 27. Config: Restricted Default Access “default” applies the  policy across all terms in  the vocabulary y Default visibility for  anonymous and  anonymous and authenticated users is now  DENIED 27
  28. 28. Config: Restricted Manager Access Ensure managers can “see” the  Ensure authors can “see” the  restricted content…but only the  content they should! 28
  29. 29. Config: Restricted Author Access The proper result  for an IT author Authors must also be able to see  Authors must also be able to  the restricted content… and  see the restricted content…  update, delete, create, & list d d l & li and add, delete, create, & list 29
  30. 30. 3. Multiple Authors Drupal supports many authors through role based role-based permissions Key limitation: only the administrator can see unpublished content  i e Authors can only see each other’s published i.e. other s content It is essential for multiple authors to collaborate on unpublished content too! 30
  31. 31. Module: Module Grants Applies security policies from access modules onto unpublished nodes, so authors’ access policies can be used in a team effort http://drupal.org/module_grants Enable these module components:  Module Grants, Node Tools 31
  32. 32. Authoring Best Practice: Content List With lots of content especially with access content, restrictions, it becomes difficult to ensure accurate configurations The content list is a custom view specifically for authors, authors listing all pertinent content Exposed filters for easy review  Type department restriction published status search Type, department, restriction, status, terms Enables review of content, access and content access, convenient edit links (including “?destination”) 32
  33. 33. Result: Content List 33
  34. 34. Recap: Departmental Content  Content Construction Kit (CCK)  Taxonomy  Content Taxonomy Departmental Authors  Taxonomy Access Control (TAC) Multiple Authors M lti l A th  Module Grants Honorable M ti H bl Mentions:  Masquerade, Views 34
  35. 35. Thank YOU! Questions? Jason Sh J Sharp (@ (@soawiz)i ) President, Crossvale, Inc. jsharp@crossvale.com www.crossvale.com http://facebook.com/crossvale http://facebook com/crossvale 35