3.1.4.1.2.1 AddPermission

The input data of an AddPermission operation. The definition of the AddPermission element is as follows:

 <s:element name="AddPermission">
  <s:complexType>
  <s:sequence>
   <s:element name="objectName" type="s:string" minOccurs="1" maxOccurs="1"/>
   <s:element name="objectType" type="s:string" minOccurs="1" maxOccurs="1"/>
   <s:element name="permissionIdentifier" type="s:string" minOccurs="1" maxOccurs="1"/>
   <s:element name="permissionType" type="s:string" minOccurs="1" maxOccurs="1"/>
   <s:element name="permissionMask" type="s:int" minOccurs="1" maxOccurs="1"/>
  </s:sequence>
  </s:complexType>
 </s:element>

objectName: A string that contains the name of a list or a site. The specified list or site specified in this parameter MUST exist on the protocol server.

objectType: A string that specifies whether permission is to be added to a list or a site. The value MUST be "list" for a list or "web" for a site.

permissionIdentifier: A string that contains the name of the security group or the security principal name (SPN) of the security principal to whom the permission applies. The security principal or security group MUST already exist on the site on the protocol server.

permissionType: A string that specifies whether permission applies to a security principal or to a security group. The value MUST be "user" for security principal, "group" for security group, or "role". If permissionType equals "role" and objectType equals "web", permissions for the role will not be updated. If permissionType equals "role" and objectType equals "list", permissions for all security principals assigned to the role will be updated.<1>

permissionMask: A Rights Mask that is lower 32 bits of the WSS Rights Mask that is specified in [MS-WSSFO3] section 2.2.2.15.