Warning: This document has not been updated for a while now. It may be out of date.
Last updated: 30 Jan 2020

content-publisher: User Permissions

There are a number of permissions that can be applied to a user in Content Publisher. In integration, staging and production environments these are managed through signon. In a local environment permission changes can be made through the Rails console, for example:

irb(main):001:0> user = User.first
irb(main):002:0> user.permissions << User::ACCESS_LIMIT_OVERRIDE_PERMISSION
irb(main):003:0> user.save!

Permissions and their effects

All permissions used by Content Publisher are set as constants on the User model.


The access limit feature in Content Publisher allows a publisher to forbid users outside of their organisation from accessing a document prior to its publishing. A user with the access_limit_override permission will be granted access to all documents no matter what organisation they belong to.


The debug permission is intended for Content Publisher developers as a means to view diagnostic information within the application. This is currently limited to being able to view the edits made in each revision of a document.


The managing_editor permission acts as a role that is given to users who are the managing editors for their department. Having this permission enables users to manage the withdrawing of content and the ability to distinguish whether content is applicable for history mode.


When content is on GOV.UK and in history mode it can no longer have new drafts created, and it can no longer be withdrawn. However, users that have the manage_live_history_mode permission are granted the ability to perform these actions.


Content Publisher makes use of a simple feature flag pattern where any features that are not yet releasable are wrapped in permission conditionals. This enables incomplete features to be merged into the codebase and deployed without them being available to all users. When the feature is ready these conditionals are then removed. Users who hold the pre_release_features permission will have access to these features; this permission is typically only granted to members of the team developing Content Publisher.
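
The permission checks described above (access limit override, live history mode and pre-release features), sketched in plain Ruby as an added example that is not Content Publisher's own code. The permission strings come from this page; the Policy module, its method names, the Document struct and the stand-in User struct are hypothetical.

```ruby
# Added illustration; a plain-Ruby stand-in, not Content Publisher's own code.
# Permission strings come from the page; class and method names are hypothetical.
User = Struct.new(:organisation_id, :permissions) do
  def permission?(name)
    Array(permissions).include?(name)
  end
end

# limited_to: organisation ids allowed to see the document before publishing
# (empty means the document is not access limited).
Document = Struct.new(:limited_to, :live, :history_mode)

module Policy
  ACCESS_LIMIT_OVERRIDE = "access_limit_override"
  MANAGE_LIVE_HISTORY_MODE = "manage_live_history_mode"
  PRE_RELEASE_FEATURES = "pre_release_features"

  module_function

  # Access limit: only users in a permitted organisation, unless the override is held.
  def can_access?(user, document)
    return true if document.limited_to.empty?
    return true if user.permission?(ACCESS_LIMIT_OVERRIDE)
    # A user with no organisation must never satisfy a limit, even a malformed one.
    !user.organisation_id.nil? && document.limited_to.include?(user.organisation_id)
  end

  # Live content in history mode: a new draft needs the extra permission.
  # Assumption: the access limit is evaluated first, so the check denies by default.
  def can_create_draft?(user, document)
    return false unless can_access?(user, document)
    return true unless document.live && document.history_mode
    user.permission?(MANAGE_LIVE_HISTORY_MODE)
  end

  # Feature flag: unreleased code paths are wrapped in this conditional and the
  # conditional is deleted once the feature is ready for all users.
  def pre_release?(user)
    user.permission?(PRE_RELEASE_FEATURES)
  end
end
```

Because access_limit_override and manage_live_history_mode each bypass a control that otherwise applies to every user, the set of accounts holding them is worth reviewing periodically in signon.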