| Expand | ||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||
|
The BrightSign Network offers a robust set of security and permissions features that allow you to protect your content and maintain the efficiency of your digital-signage system—no matter how large it gets. These security features are scalable: you can choose exactly how complex you want your permissions system to be depending on the needs of your organization.
...
The Permissions tab displays whether the user or group is permitted to carry out a certain action. Every possible user action in the BrightSign Network is listed here, divided by category.
| Note |
|---|
NoteA checkmark by a category indicates that the user or group has complete access to all options in that category, but an “X” by a category may not mean that all actions in the category are restricted. Click on the + symbol to expand a category and view the permissions for every possible action within it. |
...
This section will introduce you to common applications of various System Roles. These default roles are great for BrightSign Network accounts with a small amount of users who have clearly defined roles and responsibilities within the organization.
| Note |
|---|
NoteThe System Roles for the BrightSign Network correspond to the user permissions system in BrightAuthor. |
Overview
You are the systems administrator for a small chain of five donut shops located around the city. The chain has just replaced all of their chalkboards used for menus, special offers, and announcements with digital displays powered by BrightSign players, which are linked to the company’s BrightSign Network account. There are many employees who need to use the network in order to keep the store menus and special offers up-to-date. You are faced with several personnel and security challenges when configuring the network, all of which can be solved using the System Roles provided with every BrightSign Network account.
...
Click the Account button at the top right of the page.
Navigate to the Users and Roles tab on the right-hand side of the page.
Click the role to which you wish to add the user.
Drag and drop a User Card from the User List into the gray field under Assigned Users.
| Note |
|---|
NoteA user can only have a single role at any time. |
...
Being assigned to the Administrators role gives you access to all the features offered on the BrightSign Network. This is the only role that allows you to edit the account status of other users: as a member of Administrators, you can add new users, delete existing users, and assign users to different roles; furthermore, you can create and edit Custom Roles, a feature that will be explained in the Intermediate section of this document.
| Tip |
|---|
TipThe The first user of a BrightSign Network account will automatically be assigned to the Administrators role. If you are not the first user on your account, you will need to have the user who is assign you to the Administrators role. |
...
This chapter will explain how to create and edit Custom Roles. The roles outlined here are used as examples to explain how to conceptualize and create a Custom Role. The needs of your organization may be different from the examples included in this section.
| Note |
|---|
NoteIn In order to create a Custom Role, you will first need to check the Show Advanced Security Settings and Enable Custom Roles Management checkboxes located in the Advanced section of the Account page. |
...
Click the Account button at the top right of the page.
Navigate to the Permissions tab on the right-hand side of the page.
Click the Create New Roles button beside the Roles List.
Enter a name and (optional) description for the Custom Role.
Check the Copy Permissions From checkbox to base the permissions of your Custom Role on a preexisting role. As long as you have the advanced settings enabled on the Account page, you will be able to change all copied permissions.
| Note |
|---|
NoteIf you do not copy permissions, you will need to set up permissions manually by dragging and dropping the role name into each Operations category. When you do this, the permissions will be automatically set to “Allow.” If you don’t add the role to an Operations category, the permissions for that category remain set to “Deny” by default. |
...
This section will explain how to use object permissions in conjunction with Custom Roles to meet the organizational needs of a large digital signage network.
| Note |
|---|
NoteIn order to create Custom Roles and edit object permissions, you need to have the Show Advanced Security Settings and Enable Custom Roles Management boxes checked. They are located in the Advanced section of the Account page. |
...
Click on the Security tab in the Properties window.
Assign permissions for the object by roleor by individual user.
In the Assigned Roles tab, click the Add button and select the desired role. Remember that you can only edit permissions for Custom Roles.
In the Assigned Users tab, click the Add button and select the desired user.
You can now choose whether to “Allow” or “Deny” certain actions for a specific Dynamic Playlist, Live Text feed, etc.
| Note |
|---|
NotePermissions settings for Users have higher priority than those for Roles, and permissions for Objects have higher priority than those for Operations. For example, if the Presentation Creators are restricted from creating Live Text feeds, but full control for the role is enabled for a certain Live Text feed, then the allowance for that specific object takes precedence over the general restriction for Presentation Creators. |
...
Create a Custom Role based on Publishers.
Assign all of the store managers to this role.
Change the role so that the actions “View Groups” and “Change Schedule” in the Group category are denied.
Make sure that each group of players reflects a different store location.
Change the object permissions of each group on the network so that each user assigned to the custom Publishers role can only view and modify the group corresponding to his or her store.
| Note |
|---|
NoteYou can also assign object permissions based on individual BrightSign players. This is helpful if you already organize groups in some other way (by region, by store type, etc.). |
...
The marketing department wants to upload an announcement for a new flavor of donut in order to test how it will look on a digital display. However, the board of directors is worried that the competition will get wind of this new flavor before it is rolled out across the nation. To minimize the risk of a leak, you want to make sure that, for the moment, only the employees directly involved with testing the announcement have the ability to view, edit, or schedule the presentation.
| Note |
|---|
NoteIn order for this scenario to work, most or all users need to be assigned to Custom Roles. Just like operations permissions, the object permissions for the default System Roles cannot be edited. |
...