Security App replaces the Security group of items from the old Admin Interface (i.e. Users, Grous and Roles management) and aggregates also some features from the Tools: Audit (aka Accesses), Permission List and Activation Tools. The security dashboard will be added later.

On the App start, Users, Groups, and Roles tabs will be automatically open.

 

UI Mockups for Security App

The following two mockups show the main tab featuring the user management and the fourth tab containing the settings. Note that I've left out both the "Groups" and the "Roles" tab. Those should be straight forward, though. All first three tabs will greatly benefit from built-in ContentApp features such as search and sorting.

I've left out the security dashboard for now, as I don't like to place placeholders for features we might not be able to implement. Also, such a security dashboard would require more research and, in general, might be better placed under Pulse.

Also, I've moved the functionality of a previously referenced "Audit" tab to a separate app, which is not described or shown here.

 

Quick sketch only

The following problems are not tackled here yet:

  • To be consistent, we should open the edit form for users, groups and roles in tabs, as we do elsewhere. This might or might not go together well with the "always open" tabs shown below. In particular, we might end up with many open tabs and might have to come up with a way to scroll or shorted tabs.
  • I didn't have a look at the actual editing forms for users, groups and roles yet, but I anticipated that they need to be improved as well. Please make a suggestion and let me review it

 

First/main tab of Security App


 

Fourth tab of Security App


  • No labels

4 Comments

  1. Andreas Weder

    I think this needs some clarification. The linked file contains an interface different from what we discussed. I'll add some mockups to this page soon. We also mentioned (although only briefly) that Audit features will go into a separate app for now.

     

    1. Jozef Chocholacek

      Mockups are welcome - I've just linked what we have right now. As for the Audit - I've probably missed that part of the discussion (wink), but at least part of it should be incorporated into Security Dashboard later.

      1. Andreas Weder

        Sure, no problem. I've now added two mockups and a couple of clarifying notes. Let me know if you need anything else.

  2. Boris Kraft

    Why can an admin set the desired key length? This features does not tell the admin the impact of her choice. I don't like that. If there is no impact in terms of performance, then let's not make it configurable at all. If not, use terms/preset that explain the choice to the admin, e.g.

    • fast/less secure 
    • mid/normal security
    • slow/highly secure

    WIth a help text explaining the non-standard options. Example "The 'standard' setting is normally all you need. If you run Magnolia on a first generation iPod, use 'fast/less secure' or activation will be too slow. In high security environments like Finance, use …". Hope the idea is clear. We should not provide options whose impact is not clear.