Approval System
Approvals keep humans in control of meaningful actions. An approvals record tracks pending decisions, and specific flows — content, client deliverables, expenses, timesheets, and live WordPress publishing — require a person to approve before proceeding.
#Purpose
#Architecture
An approvals table tracks items awaiting a decision (pending, approved, rejected). Distinct flows enforce their own review step: live publishing uses a wp_publish_live approval; content, deliverables, expenses, and timesheets each have a decide step.
Reviewers are determined by role — for example, timesheet decisions require CEO/admin/manager, and self-approval is blocked.
#How it works
Submit
Route
Decide
Proceed
#Implementation notes
- Live WordPress publishing is gated by a wp_publish_live approval.
- Self-approval is explicitly blocked where it applies (e.g., timesheets).
- Approvals are organization-scoped like all tenant data.
#Limitations
Known limitations
- The set of approval-gated actions is defined by the product, not user-configurable.
- There is no arbitrary approval-chain builder.
#Security considerations
Security
- Never remove human approval for sensitive actions.
- Ensure a permitted reviewer exists so approvals are not chronically stuck.
- AI output must be reviewed before approval.
#Best practices
- Assign reviewers up front.
- Keep approvals moving to avoid blocking work.
- Review AI-assisted items carefully before approving.
#Related documentation
Still need help?
Can’t find what you’re looking for? The DevSphere OS team is happy to help.