BSN.Cloud offers a robust set of permissions features that allow you to protect your content and maintain the efficiency of your digital-signage system—no matter how large it gets. These security features are scalable: you can choose exactly how complex you want your permissions system to be depending on the needs of your organization.
This page describes the BSN.Cloud permissions system and how to use the six predefined System roles, which have fixed permissions that you cannot edit. A separate Custom Roles page describes how to create additional roles with custom permissions.
Role and User Access States
Role and user access can be in one of the following states:
Permission Types
An editable permission for a specific principal, entity, or business operation has an enabled/disabled active colored toggle switch and a "remove" button.
For example, you created a custom Content Managers role and granted with allowing/denying permission to execute just the Content - View Content operation under the selected Media File - this permission is displayed with enabled/disabled active colored toggle switch and a "remove" button.
An editable permission for a specific principal, entity, or parent business operation has an enabled/disabled active colored toggle switch but without the "remove" button.
For example, you created a custom Content Managers role and granted with allowing/denying permission to execute the Content (Full Control) operation under the selected Media File. In this case, the permission to execute the Content - View Content business operation is inherited from Content (Full Control) and is displayed with enabled/disabled active colored toggle switch but without the "remove" button.
Color Indicators
An editable permission is defined for this a specific principal, parent entity.
For example, you created a custom Content Managers role and granted an allowing/denying permission to execute any business operation under any new content folder. In this case the permissions to execute all business operations under all content folders and media files down the hierarchy are inherited from the parent content folder and are displayed with enabled/disabled active but grey toggle switch without the "remove" button
An editable permission is defined for the a parent principal.
For example, you created a custom Content Managers role and granted an allowing/denying permission to execute any business operation under any new content folder or media file. Then you assign a new user to this role and view his permissions. In this case the permissions to execute all business operations under all content folders (except of his personal folder) and media files are inherited from his role and are displayed with enabled/disabled active but grey toggle switch without the "remove" button, as in the previous case.
Permission is defined for this or a parent Principal, this or parent Business Operation, this principal, business operation, or parent Entity entity and is not editable (has '[bool] IsFixed' flag set). These are Permissions permissions defined for System Roles, Personal Folders, Special Groups, etc. They must be displayed with enabled/disabled but inactive and grey toggle switch without the "remove" button. I think the mouse cursor also should be changing to denying icon when it is over the toggle switch.
Permission If permission is not defined for the parent principal, business operation, or parent entity.the toggle switch is disabled and grey. There is no "remove" button.
For example, if you have a role with incompletely defined permissions and a user who doesn't extend and override them. This state is represented by a disabled active grey toggle switch and without the "remove" button.
Permissions
You can view operations and object permissions while logged into BSN.Cloud. All business operations defined in bsn.Content are organized into a tree structure, where permission granted to the parent operation may be inherited or overridden on the child. To review the complete set of business operations, open BrightAuthor:connected and go to the Admin > Roles page.
...