I would like to change the following security rule so that I do not have to explicitly assign to users who are developers the custom property InDeveloperGroup="Yes", and instead have the rule apply to any user who has been allocated a professional access license under the License management - Professional access allocations tab...
Name: StreamPublish
Description: Each developer should be able to publish to each stream within their AccessGroup or any associated with InDeveloperGroup.
Resource filter: Stream_*
Actions: Read, Publish
Conditions: ((user.roles="ContentAdmin")) or ((user.@InDeveloperGroup="Yes") and (resource.@InDeveloperGroup="Yes" or resource.name=user.@AccessGroup))
I believe the solution is to do something like this...
Name: StreamPublish
Description: Each user who is allocated professional access should be able to publish to each stream within their AccessGroup or any associated with InDeveloperGroup.
Resource filter: Stream_*
Actions: Read, Publish
Conditions: ((user.roles="ContentAdmin")) or ((user.environment.licenseContext="named user") and (resource.@InDeveloperGroup="Yes" or resource.name=user.@AccessGroup))
...but I am guessing at what the valid values for user.environment.licenseContext are. Any ideas?