I've have a workflow schema applied to an asset. A user (e.g. userAp) has write access to the asset but not admin rights. When the asset is in the Pending Approval state then userA cannot edit eh asset (as expected). When the asset is in the live state however userA can edit the asset and the changes are visible directly to public users. As I understood workflow userA should not be able to edit the asset until it is in the Safe Edit state.
Matrix calculates end-to-end workflow for the User. So, if it is a single-step workflow, and UserA can approve that step, Matrix permits the user to make live changes (because they would be able to approve them anyway). Matrix has always worked this way. If you want to prevent this behaviour, we usually recommend a peer-review style workflow, where the single step is a group of authors, but it requires at least 2 approvals. That way, the person making the change cannot also completely approve the change. They need to find another user in the same group to do it.
In this case userA is not part of the workflow, i.e. userA is not part of the group required to approve the go live request.
Is the workflow applied to the asset? Once workflow is applied, any user not part of that workflow should not even see lock buttons or be able to edit a Live asset.
Yes, the workflow is applied to the asset. It also sends out email notifications to the users in the approval group as expected.
I also expected that the user should not be able to edit the asset.
I've done some further investigation. In the backend userA cannot get the asset lock on the details or edit content pages, but userA can still lock the metadata page and change the metadata?!? I would've thought that editing the metadata would also be blocked while the asset is in the Live state.
My simple edit interface for this asset consists almost entirely of metadata fields and it seems that is why userA is still able to edit the asset in the front end, even though it is in the live state.
Hi Avi, should I log a bug for this?
No -- this is probably by design. I believe workflow is designed purely around asset contents, not other components, such as metadata, design or linking. Greg will have to determine whether this is a bug or a feature request.
You are right. Safe edit is for attributes only, so only attribute editing is forced into safe edit. Editing metadata, designs, linking, permission etc always results in instant changes.