This page is related to the Aggregated Layout Management Convergence 2.x effort that will be added to 3.x._
A Need Exposed
The introduction of the JA-SIG Aggregated Layout Management feature makes reuse of the GroupsManager channel to define who receives pushed fragments or who can subscribe to pulled fragments. Although it appears to use the same assignment paradygm in the screen it varies significantly from the grant model used by Channel Manager. Namely, the new ALM functionality did not make use of the existing permissions infrastructure.
...
Additionally, only Group Membership has traditionally be available for granting access to channels. Not until recently could user attributes also be used. They are made available through static peron attribute groups defined in an XML file and evaluated at log-in time. Such is a good step toward more flexible assignment of permissions. However, there is currently no way to incorporate dynamic creation of such user attribute groups in the permission granting step.
Restricted Grants
Currently, if a person is granted Channel Publishing permission there is no way to attach to that grant criteria specifying to whom they can publish channels. Such a capability is accomplished by configuring permissions for the GroupsManager channel restricting what groups a particular user can view, select, update, edit, delete, etc.
This means that when fragment publishing is enhanced to use permissions correctly and fragment publishing is granted to a user along with channel publishing there is no way to distinguish different sets of user to whom they can publish channels versus those to whom they can publish fragments.
A suggestion for enhancment of grant restrictions has been outlined here: Grant Restriction Enhancements