Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
Hi,
I created a new customised content admin role to segregate content admin users to manage their own resources. I need the custom content admin to be able to create new stream and manage the security access rule for the stream he/she created/owned. However the custom content admin is still able to edit the security rule for read-only streams although other sections within the stream remained as read-only. Has anyone done this before? Appreciate advise from the experts out there.
Here are the security rules i have created:
CustomContentAdmin
Resource filter - Stream_*,App*,ReloadTask_*,UserSyncTask_*,SchemaEvent_*,User*,CustomProperty*,Tag_*,DataConnection_*,CompositeEvent_*,Extension_*,ContentLibrary_*,FileExtension_*,FileExtensionWhiteList_*
Actions - Create, Read, Update, Delete, Export, Publish, Duplicate, Approve
Conditions:
((user.roles="CustomContentAdmin" and resource.app.@UserGroup=user.@UserGroup or resource.@UserGroup=user.@UserGroup))
CustomContentAdminStream (Note: If I dont add this rule the custom admin will not be able to create new stream and only able to see and manage the stream he/she owned)
Resource filter - Stream*
Actions - Create, Read, Publish, Change owner
Conditions
((user.roles="CustomContentAdmin"))
CustomContentAdminRuleAccess
Resource filter - SystemRule_*
Actions - Create, Read, Update
Conditions
user.roles = "CustomContentAdmin"
and resource.category = "Security" and (resource.resourcefilter matches "Stream_\w{8}-\w{4}-\w{4}-\w{4}-\w{12}")
Thank you.
Resolved the issue by adding the following condition in bold in the rule
Rule name: CustomContentAdminStream
Resource filter - Stream*
Actions - Create, Read, Publish, Change owner
Conditions
((user.roles="CustomContentAdmin" and resource.owner.name=user.name))
Resolved the issue by adding the following condition in bold in the rule
Rule name: CustomContentAdminStream
Resource filter - Stream*
Actions - Create, Read, Publish, Change owner
Conditions
((user.roles="CustomContentAdmin" and resource.owner.name=user.name))
I have the same issue.
But i can't restrict access Custom user role to manage the security access rule for the stream he/she created/owned.
Rule allow access to all Streams security rules or no one.
For example
Stream_TORulesAccess
Resource filter - SystemRule_*, Stream_*
Actions - Create, Read, Update,Delete
Conditions
(user.roles = "Stream_TO"
and (resource.category = "Security" and resource.resourcefilter matches "Stream_\w{8}-\w{4}-\w{4}-\w{4}-\w{12}"))
its allow to create and edit secity rules for all streams
Stream_TORulesAccess
Resource filter - SystemRule_*, Stream_*
Actions - Create, Read, Update,Delete
Conditions
(user.roles = "Stream_TO" and resource.owner.userId=user.userId
and (resource.category = "Security" and resource.resourcefilter matches "Stream_\w{8}-\w{4}-\w{4}-\w{4}-\w{12}"))
it's rule not works.
Early thanks for any advice