CentraSite 10.11 | CentraSite User’s Guide | Policy Management | Built-In Design/Change-Time Actions Reference | Set Consumer Permission
 
Set Consumer Permission
Assigns permission settings to the users and groups who are identified by a consumer-registration request.
The behavior of this action with respect to specific asset profiles depends on the policy's object scope.
*If you use this action in a policy that applies to multiple asset types, you can set only the asset's top-level View, Modify, or Full permissions. Consumers do not receive View or Modify permission on the individual profiles associated with the asset. You have to assign permissions to the asset's individual profiles manually.
*If you use this action in a policy that applies to one (and only one) type of asset, you can set the asset's top-level View, Modify, or Full permissions and also the View or Modify permissions on its individual profiles.
The permission settings you specify in this action will either replace or be merged with the asset's existing settings, depending on how you set the Remove Existing Permission parameter.
If you set Remove Existing Permission to true, the permission settings specified in the action completely replace the asset's current settings. That is, the asset's previous instance-level settings are completely cleared and the permissions specified by the action are set.
For example if an asset's initial permission settings are as follows:
USER A Full
USER B Full
And you specify the following permissions (with Remove Existing Permission set to true):
USER A Full
GROUP X Modify
The resulting permissions on the asset is:
USER A Full
GROUP X Modify
If you set Remove Existing Permission to false, the permission settings specified by this action are added to the asset's current settings. So, for example, if an asset has the following permission settings:
USER A Full
USER B View
And you specify the following permissions (with Remove Existing Permission set to false):
USER A Modify
USER B Full
GROUP X Modify
The resulting permissions on the asset is:
USER A Full
USER B Full
GROUP X Modify
Note:
The instance-level permissions that this action assigns to a user does not affect any role-based permissions that the user might already have. For example, if user ABC has Manage Assets permission for an organization, and that user also happens to be a member of a group to which this action assigns instance-level permissions, user ABC's Manage Assets permission will override the permission settings that this action assigns to him or her.
Event Scope
OnConsumerRegistration
Object Scope
Assets
Input Parameters
Consumer Asset Profile Permission
(Object). The instance-level permissions that are to be assigned to the users and groups (specified in the consumer registration request) for the requested asset.
Remove existing permission
(Boolean). Specifies whether the permission settings in the Consumer Asset Profile Permission parameter replace the existing permission settings or whether they are combined with the existing settings.