This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
rootdir_security [2022/02/11 14:58] yves |
rootdir_security [2022/02/11 15:27] yves [Access control lists] |
||
---|---|---|---|
Line 72: | Line 72: | ||
{{ :rootdir_s3_50.png?direct&400 |}} | {{ :rootdir_s3_50.png?direct&400 |}} | ||
- | You can now browse your slides directly from your S3 content. | + | If all is well, you can now browse your slides directly from your S3 content. |
{{ :rootdir_s3_60.png?direct&400 |}} | {{ :rootdir_s3_60.png?direct&400 |}} | ||
Line 78: | Line 78: | ||
=== Azure storage === | === Azure storage === | ||
+ | Microsoft Azure has its own protocol, and so we provide a separate mounting point type of it. | ||
+ | |||
+ | Let's say that you have an Azure container defined and put some slides in it already: | ||
+ | |||
+ | {{ :rootdir_azure_10.png?direct&400 |}} | ||
+ | |||
+ | You can convert these credentials in a connectionstring: | ||
+ | |||
+ | ''%%DefaultEndpointsProtocol=https;AccountName=pathomation;AccountKey=SUPERSECRET;BlobEndpoint=https://pathomation.blob.core.windows.net/;QueueEndpoint=https://pathomation.queue.core.windows.net/;TableEndpoint=https://pathomation.table.core.windows.net/;FileEndpoint=https://pathomation.file.core.windows.net/;%%'' | ||
+ | |||
+ | This text snippet is then pasted in the connection string field of the mounting point properties: | ||
+ | |||
+ | {{ :rootdir_azure_20.png?direct&400 |}} | ||
+ | |||
+ | If all goes well, you can now serve your slides from your Azure storage repositories. | ||
==== Public vs private ==== | ==== Public vs private ==== | ||
- | As you have more users and more root-directories, it becomes undesirable that everybody is allow to see everything. | + | As you have more users and more root-directories, it becomes undesirable that everybody is allowed to see everything. |
Therefore, root-directories can be marked "public" or "private": | Therefore, root-directories can be marked "public" or "private": | ||
+ | |||
+ | {{ :rootdir_public_private_switch.png?direct&200 |}} | ||
Public root directories are marked "public", it means every user has access to them. They can be accessed by anybody who is a registered user in the PMA.core user repository. | Public root directories are marked "public", it means every user has access to them. They can be accessed by anybody who is a registered user in the PMA.core user repository. | ||
Line 94: | Line 111: | ||
{{ :acl.png?nolink&400 |}} | {{ :acl.png?nolink&400 |}} | ||
+ | |||
+ | An interactive overview grid is available via the Root directories management view: | ||
+ | |||
+ | {{ :rootdir_acl_20.png?direct&400 |}} | ||
+ | |||
+ | As you get even more root-directories and more users, it is useful to get an overview of who has access to what. For that, you can request the ACL report from the root-directories view. | ||
+ | |||
+ | {{ :overview.png?nolink&400 |}} | ||
+ | |||
+ | The resulting report looks like this: | ||
+ | |||
+ | {{ :overview2.png?nolink&400 |}} | ||
+ |