...
This page describes the BSN.Cloud permissions system and how to use defaultSystem roles. By default, you will see only six predefined system roles having fixed permissions which you cannot edit. See The Custom Roles and Object Permissions for more information about page describes how to create a custom role , with custom permissions, or object permissions.
According to existing requirement in any point the access of selected Principal (Role or User instance) to execute the specific Business Operation under the specific securable Entity may be in one of the following states:
...
You can view operations and object permissions while logged into BSN.Cloud. All business operations defined in bsn.Content are organized into a tree structure, where permission granted to the parent operation may be inherited or overridden on the child operations. In order to To review the complete set of business operations, you can open BrightAuthor:connected and go to the Admin > Roles page.To distinguish inherited and specific permissions,
...
In Image 1, you can see the difference between fixed and custom permissions. Fixed permissions are defined by the system and get are updated automatically as BrightSign adds new features to bsn.Content. You can hide specific or all system roles by clicking on the gear icon at the top right and selecting them under the Show System Roles menu item. When By default, all check boxes will be empty when you start defining operation permissions for a custom role, you should see a default state where all check boxes are empty. This means that a given custom role doesn’t have any defined permissions to execute the business operation specified on the left side of the table. When you check the box, this creates an allowing permission to all the members of a given role to execute that operation. If you expand the tree of operations, and change a state of a checkbox for a child operation, that will create a new, more granular, permission which overrides the parent one. For example, you can allow to execute the “Presentation Presentation (Full Control)” operation to a role responsible for content publishing and restrict their access to delete presentations by unchecking the box for “Delete Presentations” Delete Presentations business operation.
Operation permissions affect all entities of a given type, but have lower priority than object permissions. They are useful for defining a baseline security policy which then can be adjusted by more granular object permissions. Object permissions are accessible in the object Properties (under Security), For example, you can select the Network, Content, or Presentations tab, chose a player, content, or presentation, and view or change the permissions as shown below:in Image 2. For more information about creating object permissions, see the Object Permissions page.
...
System Roles
These default roles have clearly defined roles and responsibilities and are provided with every BSN.Cloud account. You can hide specific or all system roles by clicking on the gear icon at the top right and selecting them under the Show System Roles menu item.
These are the default System Roles:
...