Difference between revisions of "Security Groups for managing security"
From All n One's bxp software Wixi
Philip Lacey (talk | contribs) (Created page with "= Overview = This section is managed in individual Security Groups. Security_Group Instead of having to add content and functionality to diverse user groups, the secu...") |
(No difference)
|
Revision as of 20:18, 16 March 2018
Contents
1 Overview
This section is managed in individual Security Groups. Security_Group
Instead of having to add content and functionality to diverse user groups, the security access can be stored in the security groups and as users are added and removed from the groups so the appropriate permissions can be applied to the relevant accounts.
1.1 Operations
1.1.1 Adding permissions
The rules here are applied in 2 places.
- Editing of a Security Group
- This causes a refresh of permissions for all members associated with the Security Group
- Addition of member to a Security Group
- This causes a refresh of permissions for all members associated with the Security Group and addition to any new members added to the group.
1.1.1.1 Functional Access
This allows sections and functions to be automatically modified to a user when they are added to a group. The rules are entered as XX-ADD,YYYY-ADD,XX-REM,YYYY-REM
- XX is the two digit id of a module.
- YYYY is the four digit id of a section
- ADD will add access to the users. REM will remove this access from the users.
A full reference table of the module ids and the section ids is provided here The_Modules_and_Sections_of_bxp_(Reference_Table)
1.1.1.2 Content Access
This allows Content to be automatically modified by a group of users when they are added to the group. The rules are entered as TYPE-ID-ADD,TYPE-ID-REM
- TYPE is a keyword for the "content access keyword" listed as per Bxp_Security_-_Content_Management.
- Id is the numeric id for the content available from the various modules.
- ADD or REM will add or remove the content types appropriately
1.1.2 Removing permissions
There are two places where this is an option
- Deleting of a Security Group (rules are reversed)
- Removal of a member from a Security Group (rules are reversed)
There are four options presented in these two places.
- Do not reverse access
- Reverse only Functional Access
- Reverse only Content Access
- Reverse all access
If permissions are granted through another group, removal will override the other groups permissions. The preferred option should be "Reverse only Content Access".
