Portal rights management restricts access to plugins, methods inside the plugins or to actions inside the methods. It is configured via an XML-File (the auth-file you pass to the PortalToolManager, not fully implemented yet, its a simple textfile atm)
RightsManagement is currently under development and may change.
Simple properties file with a url pattern on the left side and the allowed roles on the right side:
New Configuration (proposal)
<auth> <plugin id="copletManagement"> <functions> <function id="showTab"> <roles> <role>admin</role> </roles> <users> <user>cocoon</user> </users> </function> <actions> <action id="moveUp"> <roles> <role>admin</role> </roles> </action> </actions> </functions> </plugin> </auth>