Any user can be assigned to a content item, also when he does not have access to it. In that case the user will have the content in his assigned list, but is unable to open the content.
When the current user is assigned to a content item he must have WRITE rights to it, also if he doesn't have it because of the workflow state rights.
I think the change must be made in integrated\workflow-bundle\Security\WorkflowVoter.php
Configuration:
Make sure you install the WorkFlowBundle first: https://bitbucket.org/eactive/integrated-workflow-bundle/overview
Go to Manage - Workflow. Add a new workflow. The new workflow needs a name and some states. For example: Draft and Published. One state needs to be the default. Write permissions for the default state need to be available for specific groups only.
Go to the menu: Manage - Content types. Edit a content type. Choose the Workflow you just created for this content type.
Create content and assign a user.
Note: workflow configuration is saved in ORM (mysql)
Can't fully test this.
I adjusted the article workflow, so that users with the role author can't write raw copies of an article OK
I made a new user -> role author OK
I made a new article (raw copy) OK
I assigned this new article (raw copy) to the new user (e-activemarcel) OK
I logged in as e-activemarcel and opended the new article (got a mail and notification, so that works) OK
I can't test because when logged in as the author, the content editor won't load. When I log in as admin, I see the content editor. NOK
Can retest this, when the editor will be loaded. Please fix this first.
Login: test-author-1
Pass: test-author-1
Retested and it works! I can write in an article raw copy while authors don't have the writing rights. But it worked because that specific item was assigned to me.