The permission to publish must only be given via "Page Publisher" group, so it is obvious who has publishing, the most dangerous permission.
P.S. News Editor can still publish, because publishing articles is really just editing a boolean option on the article; thus, for News, edit article equals publish article.
Related
N/A. I just noticed this while testing publish permission for a user that mysteriously already had permission.
Changes
deleted publish permission form editor perm. scripts
Testing
Skipped, but would be:
Create/Find CMS without these groups.
Add these groups via script off of this branch.
Create a test staff user assigned to these groups.
Give this group permission to publish only the home page.
Overview
Do not let editors publish by default.
P.S. News Editor can still publish, because publishing articles is really just editing a boolean option on the article; thus, for News, edit article equals publish article.
Related
N/A. I just noticed this while testing publish permission for a user that mysteriously already had permission.
Changes
Testing
Skipped, but would be:
UI
Skipped.