Show TOC

Viewing Permission Structures in the PortalLocate this document in the navigation structure

Prerequisites

  • At least administrator read permission for each object in the PCD that the user wants to view.

    Note

    The output of the permission structure is filtered according to the permissions of the requesting user. To view the entire permission structure in the portal, the user must be a super administrator or an administrator who has permissions to view the entire PCD.

  • End user permission to the security zone of the following security zone:

    sap.com/NetWeaver.Portal/medium_safety/com.sap.portal.admin.acleditor/components/listPermissions

Context

SAP NetWeaver Portal offers an external feature that allows you to view the permission structure of all portal objects to which explicit permissions have been assigned and allows troubleshooting for implicit permission assignments to desktops, themes, and roles.

The permission structure page enables you to update the automatically assigned permissions for desktops, themes, and roles, in the event that they are incorrect. (These permissions are not assigned, or visible, in the Permission Editor; they are referred to as inner ACLs .)

The HTML output page displays the following four tables:

  • PCD permissions

    Shows the permissions of all PCD objects and folders that are assigned explicit permissions, not objects that inherit permissions.

  • Internal permissions for desktops ( com.sapportals.portal.desktop )

    Shows the inner ACLs of portal desktops.

  • Internal permissions for themes ( com.sapportals.portal.style )

    Shows the inner ACLs of portal themes.

  • Internal permissions for roles ( com.sapportals.portal.role )

    Shows the inner ACLs of portal roles.

Updating Inner ACLs

The ability to update the inner ACLs of desktops, themes, and roles is a useful first step in troubleshooting in the event of runtime problems, for example:

  • A role is invisible to a user who is assigned to it

  • A theme appears corrupt at runtime

  • The desktop is invisible to the user upon logon

These situations may occur due to missing inner ACLs . In this event, a button appears at the bottom of the permission structure page, Update Inner ACL Permissions . If you see this button, click it to update the inner ACLs .

Procedure

  1. Log on to the portal.
  2. In the same browser session, open a new browser window.
  3. Enter the following URL:

    http://<host>:<port>/irj/servlet/prt/portal/prtroot/com.sap.portal.admin.acleditor.listPermissions

    Note

    Depending on the amount of data to be processed, it may take several minutes for the permission structure page to appear on the screen.

Results

A printable HTML page that displays:

  • In the PCD permissions table - PCD path, permitted user/group/role, and assigned permission for each object

  • In the internal permissions for desktops/themes/roles tables - PCD path, the user who created the object, and the inner ACLs