...
By providing such a servant and clarifying how it should be used by applications such a servant should readily be usable by other applications including aggregated layout management.
Complex Logic and User Attributes
One aspect of permission grants It then creates a grant as a servant is that they are inherently a simple boolean construct. If the user is a member of "group A OR group B OR group C" then they get the permission and hence can use the channel. More complex combination logic should be available for determining grants.
Additionally, only Group Membership has traditionally be available for granting access to channels. Not until recently could user attributes also be used. They are made available through static peron attribute groups defined in an XML file and evaluated at log-in time. Such is a good step toward more flexible assignment of permissions. However, there is currently no way to incorporate dynamic creation of such user attribute groups in the permission granting step.