Registration, Authentication and Authorization
Six Feet Up customized Plone's default content workflow to address the client's need to control website access for both external users and over a dozen internal roles. These workflows allowed administrators to approve or deny newly-requested accounts, or to activate/de-activate existing accounts. We also leveraged custom "chained" workflows so that users could be dealt with individually rather that being treated as members of a single class. For example, external users could be logged in or not, their account could be automatically "locked" after multiple incorrect login attempts, and they could be either "verified" or not depending on whether their identity had been validated by the client's process.
The registration process, customized to support both internal and external users registrations, included an automated nightly process to verify the professional status of healthcare professionals via third-party data services. Again, the "chained" workflow allowed the system to flag non-verified users in the system as such, without deactivating their accounts prior to review from an administrator.
The system provided over 15 roles, allowing administrators to control permissions for almost every aspect of system use, including:
- Managing users and groups permissions
- Creating, editing and removing documents and metadata
- Managing document workflows
- Altering the site architecture (e.g., creating new folders, moving documents, etc.)
- Managing the history of documents and revert changes
- Controlling which fulfillment methods are available to specific users (e.g.: certain roles can download items, but not email or request a hard copy)
- Restricting access to each report available in the system based on users' role (e.g., one role may see all search reports, but not reports about user data)
Fulfillment and Support
The client requested that healthcare professionals be presented with multiple options when it came to fulfilling specific documents or sets of documents. Visitors were able to bookmark, print, email, download or request a hard copy of the files they were interested in. They were able to either retrieve individual files one at a time, or send multiple files to a wishlist for fulfillment later on.
Should site users not be able to find the information they were looking for, they also had the option of contacting the company's customer support hotline. Site visitors could either email the company's hotline, call a customer representative, or request a callback.