Details
Major
Description
Users may have any mix of these three permissions:
- Create mailing
- Schedule mailing
- Approve mailing
Generally, the approval flow is driven driven through Drupal rules. For example, user A creates a mailing and submits. A notification is sent to user B who reviews it and schedules. Then another notification is sent to user C who reviews and approves.
There's some preliminary support for the permissions in the new Mailing API, but we need several more pieces to support this use-case, e.g.
- The frontend needs to adapt based on permissions+status – hiding and showing various sections, e.g.
- In the wizard, hide/show an "Approval" step depending on whether permission "approve mailings" is granted.
- We need a way for client-side code to assess permissions. (Note: This is emphatically a complement and not a substitute for permissions in the API.) An adhoc call to addSetting() is probably the expedient thing. (Although.. it's really tempting to a clever scanning/preloading trick like we do with ts().)
- The interface for Mailing.submit API probably needs revision.
- Check that Drupal Rules still fires as expected.
- Check for a link in the "Scheduled and Sent Mailings" that may be pointing to standalone page. Make it something sensible.
