Versions Compared

Version Old Version 39 New Version 40
Changes made by

BrightSign TechDocs

BrightSign TechDocs

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

BSN.Cloud offers a robust set of permissions features that allow you to protect your content and maintain the efficiency of your digital-signage system—no matter how large it gets. These security features are scalable: you can choose exactly how complex you want your permissions system to be depending on the needs of your organization.

...

  • An editable permission for a specific principal, entity, or business operation has an enabled/disabled active colored toggle switch and a "remove" button.

    • For example, a custom Content Managers role and with allowing/denying permission to execute just the Content - View Content operation under the selected Media File

  • An editable permission for a specific principal, entity, or parent business operation has an enabled/disabled active colored toggle switch but without the "remove" button.

    • For example, a custom Content Managers role and with allowing/denying permission to execute the Content (Full Control) operation under the selected Media File. In this case, the permission to execute the Content - View Content business operation is inherited from Content (Full Control).

  • An editable permission is defined for a specific principal, parent entity. These permissions are displayed with enabled/disabled active but the toggle switch is grey and does not have a "remove" button.

    • For example, a custom Content Managers role has allow/deny permissions to execute any operation under any new content folder. These permissions are inherited from the parent content folder.

  • An editable permission is defined for a parent principal. It is displayed with enabled/disabled active but grey toggle switch without the "remove" button.

    • For example, a custom Content Managers role has allow/deny permissions to execute any operation under any new content folder or media file. If you assign a new user to this role and view their permissions, the permissions to execute all operations under all content folders (except of his personal folder) and media files are inherited from their role and are displayed with enabled/disabled active but grey toggle switch without the "remove" button.

  • If permissions are defined for a parent principal, business operation, or parent entity and are not editable, they will be displayed with enabled/disabled but inactive and a grey toggle switch without the "remove" button. I think the mouse cursor also should be changing to denying icon when it is over the toggle switch.

    • These are permissions defined for System Roles, Personal Folders, Special Groups, etc.

  • If permissions are not defined for a parent principal, business operation, or parent entity, the toggle switch is disabled and grey. There is no "remove" button.

    • An example would be a role with incompletely defined permissions and a user who doesn't extend and override them.

...

Image 1 shows the difference between fixed and custom permissions. Fixed permissions are defined by the system and are updated automatically as BrightSign adds new features to bsn.Content. By default, all check boxes will be empty when you start defining operation permissions for a custom role. This means that a given custom , so the role doesn’t have any defined permissions to execute the operation specified on the left side of the table. When you check the box, this allows all the members of a given role to execute that operation. If you expand the operations tree and change a state of a checkbox for a child operation, that will create a new, more granular , permission which overrides the parent one. For example, you can allow to execute the Presentation (Full Control) operation to a role responsible for content publishing and restrict their access to delete presentations by unchecking the box for Delete Presentations.

Operation permissions affect all entities of a given type, but have lower priority than object permissions. They are useful for defining a baseline security policy which then can be adjusted by more granular object permissions. Object permissions are accessible in the object Properties (under Security), . For example, you can select the Network, Content, or Presentations tab, chose a player, content, or presentation, and view or change the permissions as shown in Image 2. For more information about creating object permissions, see the Object Permissions page.

...

System Roles

...

These default roles have clearly defined roles and responsibilities and are provided with every BSN.Cloud account. You can hide specific or all system roles by clicking on the gear icon at the top right and selecting them under the Show System Roles menu item, as shown in Image 3.

These are the default System Roles:

...