Allow to limit content access per channel - apply limitations to content editing / solr indexing

Background

Content access can currently be set in the workflow. It is very flexible in status, but when a content type is shared between channels the access can't be limited to a channel.

Implementation

• In INTEGRATED-1321, multiple user groups can be added to a channel

• When no groups have been added, everyone has access

• Administrators always have access, no matter of their access settings (ROLE_ADMIN) (this should already be the case)

• Assignee of the article always have access, no matter of their access settings (this should already be the case)

• Being in one of the groups is enough to get access

• To access the content you have to have access by Channel configuration AND by Contenttype/Workflow configuration (Workflow overrules content type)

• Write access will be based on the combination of channels. When multiple channels have been selected for a document, you need access to all channels to edit them.

Because a user can be added to many groups complex combinations are possible (user can read news from Channel X and write articles on Channel X and Y)

Requirements

• Update the workflow Solr indexer to include the new channel group access settings (see Implementation)

• Update the workflow access voter to include the new channel group access settings (see Implementation)