Exploring role/permission management in Liferay
After creating pages and users, the next logical step would be to define appropriate roles and permissions. We will do that in this section.
Managing adequate access control is one of the most important requirements of any system. In order to have proper access control, you should define various roles with permissions to perform specific actions and assign these roles to users. Once you, the user, have a certain role it means that the user can perform all the actions permitted by that role. For example, if you want to enable user1 to create a blog entry then first you have to create the BlogEntryCreation role (you can give it any name) with Create Blog Entry permission and then assign user1 to the BlogEntryCreation role. Now when the user goes to the blog portlet, he/she will be able to add a new blog entry.
In Liferay, you can define permission for almost all the actions. Actions in Liferay are basically of the following types:
Portal-level...
