Skip to content

Commit

Permalink
rationalize permissions
Browse files Browse the repository at this point in the history
  • Loading branch information
eric-intuitem committed Oct 2, 2024
1 parent 57dbf88 commit d4400ec
Showing 1 changed file with 138 additions and 101 deletions.
239 changes: 138 additions & 101 deletions backend/core/startup.py
Original file line number Diff line number Diff line change
Expand Up @@ -11,28 +11,32 @@
logger = get_logger(__name__)

READER_PERMISSIONS_LIST = [
"view_project",
"view_riskassessment",
"view_appliedcontrol",
"view_policy",
"view_riskscenario",
"view_riskacceptance",
"view_asset",
"view_threat",
"view_referencecontrol",
"view_folder",
"view_usergroup",
"view_riskmatrix",
"view_complianceassessment",
"view_requirementassessment",
"view_requirementnode",
"view_entity",
"view_entityassessment",
"view_evidence",
"view_folder",
"view_framework",
"view_loadedlibrary",
"view_policy",
"view_project",
"view_referencecontrol",
"view_representative",
"view_requirementassessment",
"view_requirementmapping",
"view_requirementmappingset",
"view_requirementnode",
"view_riskacceptance",
"view_riskassessment",
"view_riskmatrix",
"view_riskscenario",
"view_solution",
"view_storedlibrary",
"view_threat",
"view_user",
"view_requirementmappingset",
"view_requirementmapping",
"view_usergroup",
]

APPROVER_PERMISSIONS_LIST = [
Expand Down Expand Up @@ -62,120 +66,153 @@
]

ANALYST_PERMISSIONS_LIST = [
"add_appliedcontrol",
"add_asset",
"add_complianceassessment",
"add_evidence",
"add_policy",
"add_project",
"view_project",
"change_project",
"delete_project",
"add_riskacceptance",
"add_riskassessment",
"view_riskassessment",
"change_riskassessment",
"delete_riskassessment",
"add_appliedcontrol",
"view_appliedcontrol",
"add_riskscenario",
"add_solution",
"add_threat",
"change_appliedcontrol",
"delete_appliedcontrol",
"add_policy",
"view_policy",
"change_asset",
"change_complianceassessment",
"change_entity",
"change_entityassessment",
"change_evidence",
"change_policy",
"delete_policy",
"add_riskscenario",
"view_riskscenario",
"change_riskscenario",
"delete_riskscenario",
"add_riskacceptance",
"view_riskacceptance",
"change_project",
"change_referencecontrol",
"change_representative",
"change_requirementassessment",
"change_riskacceptance",
"delete_riskacceptance",
"add_complianceassessment",
"view_complianceassessment",
"change_complianceassessment",
"change_riskassessment",
"change_riskscenario",
"change_solution",
"change_threat",
"delete_appliedcontrol",
"delete_asset",
"delete_complianceassessment",
"view_requirementassessment",
"change_requirementassessment",
"add_evidence",
"view_evidence",
"change_evidence",
"delete_entity",
"delete_entityassessment",
"delete_evidence",
"add_asset",
"view_asset",
"change_asset",
"delete_asset",
"add_threat",
"view_threat",
"change_threat",
"delete_policy",
"delete_project",
"delete_referencecontrol",
"delete_representative",
"delete_riskacceptance",
"delete_riskassessment",
"delete_riskscenario",
"delete_solution",
"delete_threat",
"view_referencecontrol",
"view_appliedcontrol",
"view_asset",
"view_complianceassessment",
"view_entity",
"view_entityassessment",
"view_evidence",
"view_folder",
"view_usergroup",
"view_riskmatrix",
"view_requirementnode",
"view_framework",
"view_storedlibrary",
"view_loadedlibrary",
"view_user",
"view_requirementmappingset",
"view_policy",
"view_project",
"view_referencecontrol",
"view_representative",
"view_requirementassessment",
"view_requirementmapping",
"view_requirementmappingset",
"view_requirementnode",
"view_riskacceptance",
"view_riskassessment",
"view_riskmatrix",
"view_riskscenario",
"view_solution",
"view_storedlibrary",
"view_threat",
"view_user",
"view_usergroup",
]

DOMAIN_MANAGER_PERMISSIONS_LIST = [
"change_usergroup",
"view_usergroup",
"add_project",
"change_project",
"delete_project",
"view_project",
"add_riskassessment",
"view_riskassessment",
"change_riskassessment",
"delete_riskassessment",
"add_appliedcontrol",
"view_appliedcontrol",
"change_appliedcontrol",
"delete_appliedcontrol",
"add_asset",
"add_complianceassessment",
"add_entity",
"add_entityassessment",
"add_evidence",
"add_folder",
"add_policy",
"view_policy",
"change_policy",
"delete_policy",
"add_riskscenario",
"view_riskscenario",
"change_riskscenario",
"delete_riskscenario",
"add_project",
"add_riskacceptance",
"view_riskacceptance",
"change_riskacceptance",
"delete_riskacceptance",
"add_asset",
"view_asset",
"change_asset",
"delete_asset",
"add_riskassessment",
"add_riskmatrix",
"add_riskscenario",
"add_solution",
"add_threat",
"view_threat",
"change_threat",
"delete_threat",
"view_referencecontrol",
"view_folder",
"change_appliedcontrol",
"change_asset",
"change_complianceassessment",
"change_entity",
"change_entityassessment",
"change_evidence",
"change_folder",
"add_riskmatrix",
"view_riskmatrix",
"change_policy",
"change_project",
"change_referencecontrol",
"change_representative",
"change_requirementassessment",
"change_riskacceptance",
"change_riskassessment",
"change_riskmatrix",
"change_riskscenario",
"change_solution",
"change_threat",
"delete_appliedcontrol",
"delete_asset",
"delete_complianceassessment",
"delete_entity",
"delete_entityassessment",
"delete_evidence",
"delete_folder",
"delete_policy",
"delete_project",
"delete_referencecontrol",
"delete_representative",
"delete_riskacceptance",
"delete_riskassessment",
"delete_riskmatrix",
"add_complianceassessment",
"delete_riskscenario",
"delete_solution",
"delete_threat",
"view_appliedcontrol",
"view_asset",
"view_complianceassessment",
"change_complianceassessment",
"delete_complianceassessment",
"view_requirementassessment",
"change_requirementassessment",
"add_evidence",
"view_entity",
"view_entityassessment",
"view_evidence",
"change_evidence",
"delete_evidence",
"view_requirementnode",
"view_folder",
"view_framework",
"view_storedlibrary",
"view_loadedlibrary",
"view_user",
"view_requirementmappingset",
"view_policy",
"view_project",
"view_referencecontrol",
"view_representative",
"view_requirementassessment",
"view_requirementmapping",
"view_requirementmappingset",
"view_requirementnode",
"view_riskacceptance",
"view_riskassessment",
"view_riskmatrix",
"view_riskscenario",
"view_solution",
"view_storedlibrary",
"view_threat",
"view_user",
"view_usergroup",
]

ADMINISTRATOR_PERMISSIONS_LIST = [
Expand Down

0 comments on commit d4400ec

Please sign in to comment.