Preview of documents / workspaces in Neos

Most of the time you don’t need to preview a document because you see the website in Neos while editing, but in some use cases Neos can become even more editor friendly. I don’t know if some projects in this direction already started, but i want to write down some stories / use cases how our customers use Neos:

1) As an editor i want to get a preview of a document, even if its hidden, to be able to check e. g. links, buttons and some integrated tracking via google tag manager.

Example: Editors often create a hidden page in live workspace and want to get a preview of it before activating. The way is often still known from other CMS.

Acceptance criteria:

  • You have to be logged in Neos backend
  • Final page rendering

2) As an editor i want to navigate through a whole workspace in preview mode to see all changes.

Example: New campaign with a lot of changes prepared in a special soft-relaunch workspace.

Acceptance criteria:

  • You have to be logged in Neos backend
  • All links and buttons should be rendered correctly with workspace url parameter
  • Final page rendering

3) As an editor i want to share a preview of a specific document to get feedback from external authors / proofreading departments.

Example: An external blog author without backend login wants to approve his submitted article before live publishing.

Acceptance criteria:

  • Valid personal link for x days can be created in Neos backend
  • Strict access to the special page

I hope it’s written clearly enough. We would like to be active in this direction, but not without prior feedback / discussion. :wink: Maybe you have some further use cases or ideas?

Related issues:

1 Like

Hey @mirkokaufmann

For your userstory 3 maybe this could be interesting to you:

@christianm wrote that just recently. It is not released yet but you can use dev-master meanwhile (like I do). There is also no documentation (readme or so) available. Just as quick info: The package “injects” itself into the workspace module and provides actions for creating a preview-link (admin restricted by policy by default) and another action to copy the preview-link.



that package from @christianm is a nice one and worked in my development local installation pretty fine.

But now the production backend gives me the following error, when refreshing (generating the first time) the token / preview-link:

Exception #1222204027 in line 62 of /var/www/virtual/hans1231/neos/Data/Temporary/Production/Cache/Code/Flow_Object_Classes/Neos_Flow_Security_Aspect_PolicyEnforcementAspect.php: Could not authenticate any token. Might be missing or wrong credentials or no authentication provider matched.
Evaluated following 2 privilege target(s):
“Neos.Neos:AllControllerActions”: ABSTAIN
“Flownative.WorkspacePreview:RefreshHashTokenForWorkspace”: ABSTAIN
(0 granted, 0 denied, 2 abstained)

15 Neos\Flow\Security\Authorization\Interceptor\PolicyEnforcement_Original::invoke()
14 Neos\Flow\Security\Aspect\PolicyEnforcementAspect_Original::enforcePolicy(Neos\Flow\Aop\JoinPoint)
13 Neos\Flow\Aop\Advice\AroundAdvice::invoke(Neos\Flow\Aop\JoinPoint)
12 Neos\Flow\Aop\Advice\AdviceChain::proceed(Neos\Flow\Aop\JoinPoint)
11 Flownative\WorkspacePreview\Controller\HashTokenRefreshController::refreshHashTokenForWorkspaceAction(Neos\ContentRepository\Domain\Model\Workspace)
10 call_user_func_array(array|2|, array|1|)
9 Neos\Flow\Mvc\Controller\ActionController_Original::callActionMethod()
8 Neos\Flow\Mvc\Controller\ActionController_Original::processRequest(Neos\Flow\Mvc\ActionRequest, Neos\Flow\Mvc\ActionResponse)
7 Neos\Flow\Mvc\Dispatcher_Original::initiateDispatchLoop(Neos\Flow\Mvc\ActionRequest, Neos\Flow\Mvc\ActionResponse)
6 Neos\Flow\Mvc\Dispatcher_Original::dispatch(Neos\Flow\Mvc\ActionRequest, Neos\Flow\Mvc\ActionResponse)
5 Neos\Flow\Mvc\DispatchComponent_Original::handle(Neos\Flow\Http\Component\ComponentContext)
4 Neos\Flow\Http\Component\ComponentChain_Original::handle(Neos\Flow\Http\Component\ComponentContext)
3 Neos\Flow\Http\Component\ComponentChain_Original::handle(Neos\Flow\Http\Component\ComponentContext)
2 Neos\Flow\Http\RequestHandler::handleRequest()
1 Neos\Flow\Core\Bootstrap::run()

POST /neos/_token-login/hash-token-refresh/preview-zzpsg HTTP/1.1

I am not yet into security and privileges … so could anyone (perhaps Christian :-)) help me on that?

Thanks alot.


Currently you have to be a Neos Administrator to refresh those tokens, which made sense to me for now. You could give editors that privilege too, or create a new role for people that should be able to refresh the token. Copying the resulting link is always possible for editors… It’s just the (re) creation of the link.

To be fair this package is just the bare bones, I hope to make the whole experience nicer, probably even making it a core feature at some point.

Hi Christian, thanks for the quick reply. Fortunately I am/was Admin but testet it now with a fresh login again and … it worked … neos-magic (as usual) -> those package bare bones seem to work well.
[Seemed to be Solved]