Finally, Security That Doesn't Make You Want to Cry

Ever tried to figure out who has access to what in Rock? It's like playing detective with a blindfold on. This dashboard hopefully saves you a few headaches.

What Does This Thing Do?

This dashboard gives you a bird's-eye view of all your Page and Block security settings in one place. No more clicking through 47 different pages to figure out why Bob from accounting can suddenly edit the homepage.

What You Can See

  • Quick stats on all your security rules
  • Who has access to what (and why)
  • User-specific vs role-based permissions
  • Security health issues that need attention
  • Orphaned rules pointing to deleted pages
  • Duplicate rules cluttering things up
  • Rules for people who've left or... moved on

Why You should Try It

  • One page to rule them all
  • Spot security issues before they become problems
  • Clean up the cruft that builds up over time
  • Actually understand your security setup
  • Sleep better at night knowing who can do what

How to Set This Up

it's pretty simple! Here's how I set it up:

Setup Steps

1 Create the Page
I placed it at Rock Settings > Security > Security Management Dashboard
Route: /admin/security/management-dashboard
Icon: fa fa-lock (font awesome) ti ti-lock (tabler)
2 Add an HTML Content Block
With SQL enabled in the block settings (this is important!)
3 Paste the Lava Template
The attached securityManagementDashboard.lava file in the Zip goes in the HTML block
4 Add Dynamic Data Block
Preferably the obsidian block. Paste the SQL Query SecurityAudit.sql from the Zip and set the link column as html. Set the filtering settings how you'd like and hit save.
5 Set Page Security
RSR - Rock Administration or RSR - Security Administration whoever oversees your security.
Done That's it!
Navigate to the page and start exploring

Quick Troubleshoot

Make sure Enable SQL Commands is turned ON in the HTML block settings. Without it, it won't work.

Tips

  • Role-based is better - Individual user permissions get messy fast. Use security roles when you can!
  • Check the health indicators - Green is good, red means you've got some cleanup to do
  • Backup before cleanup - The cleanup scripts are safe, but always backup first. Always.
  • Orphaned rules are harmless - They're just clutter, but cleaning them up makes everything tidier
  • Review inactive users - People leave, but their security rules stick around forever
  • Review regularly! maybe once a month at least.

Ready to Go!

That's everything you need to know. Go forth and turn your spaghetti security into a nicely organized canvas! If you find any issues or have ideas for improvements, let me know!