Hi melingrew,
First i want to apologize for the late answer. Somehow your post must have been slipped through the attention of our professionals.
Let me answer your question:
The portal uses a Role Concept instead of the permissiongroups as you know it.
That means a user can have different roles and each role has it's own permissions which can be set in the role administration.
You can use the rules you have set up for your permissiongroups in this role concept.
I hope this answers your question, and again, sorry for the long waiting time.
best regards
Patrick