...
According to existing requirement in any point the access of selected Principal (Role or User instance) to execute the specific Business Operation under the specific securable Entity may be in one of the following states:
Types of Permissions:
a) Permission is defined for this specific Principal, Entity, Business Operation and is editable. For example, you created a custom "Content Managers" Role and granted allowing/denying Permission to execute just "Content - View Content" Business Operation under the selected Media File - such Permission must be displayed with enabled/disabled active colored toggle switch and "remove" button;
b) Permission is defined for this specific Principal, Entity, parent Business Operation and is editable. For example, you created a custom "Content Managers" Role and granted allowing/denying Permission to execute "Content (Full Control)" Business Operation under the selected Media File. In this case the Permission to execute "Content - View Content" Business Operation is inherited fromĀ "Content (Full Control)" Business Operation and must be displayed with enabled/disabled active colored toggle switch but without the "remove" button;
Color Indicators:
c) Permission is defined for this specific Principal, parent Entity and is editable. For example, you created a custom "Content Managers" Role and granted allowing/denying Permission to execute any Business Operation under any new Content Folder. In this case the Permissions to execute all Business Operations under all Content Folders and Media Files down the hierarchy are inherited from the parent Content Folder and must be displayed with enabled/disabled active but grey toggle switch without the "remove" button;
d) Permission is defined for the parent Principal and is editable. For example, you created a custom "Content Managers" Role and granted allowing/denying Permission to execute any Business Operation under any new Content Folder or Media File. Then you assign a new User to this Role and view his Permissions. In this case the Permissions to execute all Business Operations under all Content Folders (except of his Personal Folder) and Media Files are inherited from his Role and must be displayed with enabled/disabled active but grey toggle switch without the "remove" button, same as in previous case;
e) Permission is defined for this or parent Principal, this or parent Business Operation, this or parent Entity and is not editable (has '[bool] IsFixed' flag set). These are Permissions defined for System Roles, Personal Folders, Special Groups, etc. They must be displayed with enabled/disabled but inactive and grey toggle switch without the "remove" button. I think the mouse cursor also should be changing to denying icon when it is over the toggle switch;
f) Permission is not defined neither for this nor for parent Principal, neither this nor parent Business Operation, neither this nor parent Entity. This is possible in case when you have a Role with incompletely defined Permissions and a User which don't extend and override them. Such state must be represented with disabled active grey toggle switch and without the "remove" button.
Permissions
You can view operations and object permissions while logged into BSN.Cloud.
...