Liferay generally grants permissions to roles. Roles can contain users, groups, or organizations, There are permissions on the roles themselves dictating what other roles can see those roles. There are a few hardcoded roles like Guest and User.You can set permissions on an entire site (group of pages). You can set permissions on the individual pages. You can set permissions on the portlets (content blocks) within those pages. Depending on the portlet, you can set permission on the content within that portlet. If you are a user creating content (for example, if you post a question to a forum), your content can only have permissions granted to roles which you can see. So, you would need site, page, portlet, content, and role permission. If these get mismanaged or out of sync, there is no quick way to apply a lot of permissions. There will be clicking, waiting, and gnashing of teeth. You are much better off just leaving everything set to the default permissions and only changing things on pages.
Wednesday, September 09, 2015
If you add a new jsp override to an old hook and it isn't updating like you expect you may have to stop tomcat, delete webapps\PORTAL\WEB-INF\ext-<myplugin>.xml, then restart. That XML file contains a list of everything in your plugin and isn't refreshed automatically when you hot deploy so new override jsp's won't be picked up and copied to your portal's html folder unless you force the issue.