Permissions XML file format

Permissions files have the following format (by example):

<permission-set script="classpath://org/jasig/portal/io/import-permission_set_v3-1.crn">
  <owner>UP_PORTLET_PUBLISH</owner>
  <principal-type>org.jasig.portal.groups.IEntityGroup</principal-type>
  <principal>
    <group>${tenant.name} Administrators</group>
  </principal>
  <activity>PORTLET_MODE_CONFIG</activity>
  <target permission-type="GRANT">
    <group>${tenant.name} Portlets</group>
  </target>
  <!-- New in uPortal 4.3.0 you can specify a portlet by fname -->
  <target permission-type="GRANT">
    <portlet>${tenant.fname}-logo</portlet>
  </target>
</permission-set>

where:

ElementDescriptionAvailable values
ownerString identifying owner of the activity

Values specified in IPermission.java. Can be one of:

  • UP_SYSTEM
  • UP_GROUPS
  • UP_PORTLET_PUBLISH
  • UP_PORTLET_SUBSCRIBE
  • UP_USERS
  • UP_PERMISSIONS
  • UP_ERROR_CHAN

 

principal-type 

One of:

org.jasig.portal.groups.IEntityGroup

org.jasig.portal.security.IPerson

principal 

If principal-type is group type: <group>groupname</group>

If principal-type is person type: <literal>username</literal>

activityString specifying permissions subcategorySee IPermission.java (and source code, much of which passes in a string). Best view of available values is looking at links on Manage Permissions page.
targetOne or more targets may be specified. Target can have permission-type of GRANT or DENY.

Allowed values are:

  • <group>groupname</group> Group that receives the GRANT or DENY permission
  • <literal>targetname</literal> Values can be a username or PORTLET_ID.x where x is the ID of the portlet in the database
  • (new with uPortal 4.3.0) <portlet>portletFname</portlet> Specify a portlet by fname

The groupings of permission-owner and activity is easiest seen on the Manage Permissions page (look at link href URLs for specific values).  E.g.

 

Â