Home will denote the scenario of a house in a town called Springfield where Bart lives with Homer as the administrator. Most of the use cases that might be encountered in everyday life have been gathered, as you can see in the picture.
The house is one of the greediest users of media you can find.
There are a desktop or laptop, computers, tablets, smartphones, gaming consoles, and connected TV, and our house project must use all of them at the same time. Nevertheless, you don't want to worry and spend your time on which user is connected to the tablet and what they are doing. While you have to manage these accesses, you'd certainly prefer to focus on the TV show and eventually take 5 minutes to allow the publication of some posts. You know how easy it is now.
As shown in the preceding image, we can list some of the activities for the Springfield house's users. They want to:
Now, we need to list all the users to give them the corresponding rights. This list defines the functionalities that can be accessed by each user:
Now that you know the users and what they can do in the house, the security perimeter is defined. What is left to know are the access types that can be granted to these users. This list is a tool to understand the consequences for each role you assign:
As each user has already been identified by a login to your local network, you already know that this user is granted access. This implies that anonymous users who might eventually try to connect can't access and obtain MediaDrop guest rights; therefore, they won't have access to any content, meaning they cannot post or read without your network's consent.
We now have all the prerequisites in place, so we can create our users in the house. What we are doing now is using the predefined groups of activities and setting users within these groups. Additionally, we are also creating our own group to see how easy it is.
To get started, connect to the admin console and select Groups on the interface so that you can see what rights are provided:
You can now associate the users with the predefined list of roles you want to grant them:
Let's take a look at this table more closely:
We can see here that this doesn't fit our philosophy, so let's change the group settings to those used for our house. Let's bring in a few modifications:
Can view published media |
Can upload new media |
Grants the ability to upload new media |
Grants access to edit site content |
Grants access to the admin panel | |
---|---|---|---|---|---|
Everyone (including guests) | |||||
Logged-in users | |||||
Editors | |||||
Admins |
What we did is we assigned different roles to different people. Editors will be able to set upload and edit accesses, while Admins are allowed to play all the roles.
Most of the time, you won't need all these roles, so here we just stick to Everyone, logged-in users, or Admin. However, it is recommended that you set up all the roles for future use, as you might need to delegate Editors for extra emergent cases or even as a temporary role that can be removed later.
The job is nearly done; only modifications are left to be set, which will only take a few minutes.
To define rights according to our house's strategy, we just have to modify the existing rights:
What you need to do now is define your users; don't be surprised if just the Admins and Editors groups are proposed, as the Logged-in users and Anonymous are implicitly identifiable.
This should end as shown in the following screenshot:
We come to the end of the home scenario, resulting from our previous analysis and lists of users, actions, and roles.