Object Permissions & Custom Roles

you can create and edit object permissions in conjunction with custom roles to meet the organizational needs of a large digital signage network where pricing and offerings may vary by regions and/or stores in this scenario, you may need to limit or allow access according to the objects (media files, dynamic playlists, etc ) themselves see object permissions & custom roles docid\ arsvzypzjxmp9uh9v95h2 for more general information about this topic screenshot 2024 10 31 at 2 23 02 pm png object permissions are accessed through the security section of the properties panel when you select an object this is on the right side of the screen in network , content , or presentations tab (for player, content, or presentation properties) select the security section of the properties panel assign object permissions by role or by user in the assigned roles section, select the desired role (remember that you can only edit permissions for custom roles) in the assigned users section, select the desired user if the toggle is enabled, you can click on it to create an allowing or denying permission to execute a given operation under the current object permissions settings for users have higher priority than those for roles, and permissions for objects have higher priority than those for operations for example, if the presentation creators role has a denying permission to manipulate live text feeds, but one of its members has full control access to a particular live text feed instance then the allowance for that specific object takes precedence over the general restriction for presentation creators user permissions & roles user permissions and roles follow rules as described below no permissions when permissions are not granted either to a user or that user’s current role, the toggle switches are grey but active and do not have a delete icon in this example, the selected user doesn’t have any permissions to execute content specific operations and has no inherited permissions from their role explictly defined permissions when a specific role or user has an explicitly defined permission to execute a particular operation under the given object, the enabled/disabled toggle will be shown in the enabled state with a delete (trashcan) icon next to it in this example, the members of the content managers role are explicitly allowed to view a particular file (view content) but not allowed to manipulate it (update content) you can delete these permissions by clicking on the delete icon which will put inherited permissions into effect instead parent / child permissions when a specific role or user has an explicitly defined permission to execute a parent operation under the given object, the toggles on the all the child operations will have the same enabled/disabled state but no delete icon in this example, the members of the content managers role have full control permission which applies to all child operations as well roles & objects when permission is granted to any role on the admin > roles page, it automatically applies to all objects of a given type and is displayed with an active enabled/disabled toggle but without a delete icon in this example, the members of the content managers role have permission to view all files and manage their tags which is reflected in the security tabs of all the files which do not have an overriding permissions the same applies when you grant any permission to a parent folder of a given file roles & users when permission is granted to any role on the admin > roles page, it automatically applies to all the users assigned to this role and is displayed with an active enabled/disabled toggle but without a delete icon in this example, the selected user is a member of the content managers role and that is why they have permissions to see a particular file and manage tags despite the fact that no permission is granted specifically to this user system roles permissions granted to system roles apply to all objects of a given type and are displayed with active enabled/disabled toggles without delete icons but are not editable in this example, you can see that the members of the creators role have almost all permissions under the given object but you cannot override any of them the same applies to specific objects like your home folder or the “disabled players” group