From d4400ec7569edaf2018dddcb630449dfb8a10826 Mon Sep 17 00:00:00 2001
From: eric-intuitem <71850047+eric-intuitem@users.noreply.github.com>
Date: Wed, 2 Oct 2024 19:13:42 +0200
Subject: [PATCH] rationalize permissions

---
 backend/core/startup.py | 239 +++++++++++++++++++++++-----------------
 1 file changed, 138 insertions(+), 101 deletions(-)

diff --git a/backend/core/startup.py b/backend/core/startup.py
index 8c2deb181..8c833456d 100644
--- a/backend/core/startup.py
+++ b/backend/core/startup.py
@@ -11,28 +11,32 @@ logger = get_logger(__name__)
 READER_PERMISSIONS_LIST = [
- "view_project",
- "view_riskassessment",
 "view_appliedcontrol",
- "view_policy",
- "view_riskscenario",
- "view_riskacceptance",
 "view_asset",
- "view_threat",
- "view_referencecontrol",
- "view_folder",
- "view_usergroup",
- "view_riskmatrix",
 "view_complianceassessment",
- "view_requirementassessment",
- "view_requirementnode",
+ "view_entity",
+ "view_entityassessment",
 "view_evidence",
+ "view_folder",
 "view_framework",
 "view_loadedlibrary",
+ "view_policy",
+ "view_project",
+ "view_referencecontrol",
+ "view_representative",
+ "view_requirementassessment",
+ "view_requirementmapping",
+ "view_requirementmappingset",
+ "view_requirementnode",
+ "view_riskacceptance",
+ "view_riskassessment",
+ "view_riskmatrix",
+ "view_riskscenario",
+ "view_solution",
 "view_storedlibrary",
+ "view_threat",
 "view_user",
- "view_requirementmappingset",
- "view_requirementmapping",
+ "view_usergroup",
 ]

 APPROVER_PERMISSIONS_LIST = [
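Review bot: `READER_PERMISSIONS_LIST` gains four grants (`view_entity`, `view_entityassessment`, `view_representative`, `view_solution`) that are easy to miss inside the alphabetical re-sort, and nothing in the file pins this list as read-only. A comment above the list such as `# Read-only role: view_* codenames only; includes third-party objects (entity, representative, solution)` would make the intent reviewable. A unit test along the lines of `assert all(p.startswith("view_") for p in READER_PERMISSIONS_LIST)` would stop a later edit from slipping a write permission into the role. Representative records presumably hold contact details for third parties, so confirm that every Reader is meant to see them.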
@@ -62,120 +66,153 @@
 ]

 ANALYST_PERMISSIONS_LIST = [
+ "add_appliedcontrol",
+ "add_asset",
+ "add_complianceassessment",
+ "add_evidence",
+ "add_policy",
 "add_project",
- "view_project",
- "change_project",
- "delete_project",
+ "add_riskacceptance",
 "add_riskassessment",
- "view_riskassessment",
- "change_riskassessment",
- "delete_riskassessment",
- "add_appliedcontrol",
- "view_appliedcontrol",
+ "add_riskscenario",
+ "add_solution",
+ "add_threat",
 "change_appliedcontrol",
- "delete_appliedcontrol",
- "add_policy",
- "view_policy",
+ "change_asset",
+ "change_complianceassessment",
+ "change_entity",
+ "change_entityassessment",
+ "change_evidence",
 "change_policy",
- "delete_policy",
- "add_riskscenario",
- "view_riskscenario",
- "change_riskscenario",
- "delete_riskscenario",
- "add_riskacceptance",
- "view_riskacceptance",
+ "change_project",
+ "change_referencecontrol",
+ "change_representative",
+ "change_requirementassessment",
 "change_riskacceptance",
- "delete_riskacceptance",
- "add_complianceassessment",
- "view_complianceassessment",
- "change_complianceassessment",
+ "change_riskassessment",
+ "change_riskscenario",
+ "change_solution",
+ "change_threat",
+ "delete_appliedcontrol",
+ "delete_asset",
 "delete_complianceassessment",
- "view_requirementassessment",
- "change_requirementassessment",
- "add_evidence",
- "view_evidence",
- "change_evidence",
+ "delete_entity",
+ "delete_entityassessment",
 "delete_evidence",
- "add_asset",
- "view_asset",
- "change_asset",
- "delete_asset",
- "add_threat",
- "view_threat",
- "change_threat",
+ "delete_policy",
+ "delete_project",
+ "delete_referencecontrol",
+ "delete_representative",
+ "delete_riskacceptance",
+ "delete_riskassessment",
+ "delete_riskscenario",
+ "delete_solution",
 "delete_threat",
- "view_referencecontrol",
+ "view_appliedcontrol",
+ "view_asset",
+ "view_complianceassessment",
+ "view_entity",
+ "view_entityassessment",
+ "view_evidence",
 "view_folder",
- "view_usergroup",
- "view_riskmatrix",
- "view_requirementnode",
 "view_framework",
- "view_storedlibrary",
 "view_loadedlibrary",
- "view_user",
- "view_requirementmappingset",
+ "view_policy",
+ "view_project",
+ "view_referencecontrol",
+ "view_representative",
+ "view_requirementassessment",
 "view_requirementmapping",
+ "view_requirementmappingset",
+ "view_requirementnode",
+ "view_riskacceptance",
+ "view_riskassessment",
+ "view_riskmatrix",
+ "view_riskscenario",
+ "view_solution",
+ "view_storedlibrary",
+ "view_threat",
+ "view_user",
+ "view_usergroup",
 ]

 DOMAIN_MANAGER_PERMISSIONS_LIST = [
- "change_usergroup",
- "view_usergroup",
- "add_project",
- "change_project",
- "delete_project",
- "view_project",
- "add_riskassessment",
- "view_riskassessment",
- "change_riskassessment",
- "delete_riskassessment",
 "add_appliedcontrol",
- "view_appliedcontrol",
- "change_appliedcontrol",
- "delete_appliedcontrol",
+ "add_asset",
+ "add_complianceassessment",
+ "add_entity",
+ "add_entityassessment",
+ "add_evidence",
+ "add_folder",
 "add_policy",
- "view_policy",
- "change_policy",
- "delete_policy",
- "add_riskscenario",
- "view_riskscenario",
- "change_riskscenario",
- "delete_riskscenario",
+ "add_project",
 "add_riskacceptance",
- "view_riskacceptance",
- "change_riskacceptance",
- "delete_riskacceptance",
- "add_asset",
- "view_asset",
- "change_asset",
- "delete_asset",
+ "add_riskassessment",
+ "add_riskmatrix",
+ "add_riskscenario",
+ "add_solution",
 "add_threat",
- "view_threat",
- "change_threat",
- "delete_threat",
- "view_referencecontrol",
- "view_folder",
+ "change_appliedcontrol",
+ "change_asset",
+ "change_complianceassessment",
+ "change_entity",
+ "change_entityassessment",
+ "change_evidence",
 "change_folder",
- "add_riskmatrix",
- "view_riskmatrix",
+ "change_policy",
+ "change_project",
+ "change_referencecontrol",
+ "change_representative",
+ "change_requirementassessment",
+ "change_riskacceptance",
+ "change_riskassessment",
 "change_riskmatrix",
+ "change_riskscenario",
+ "change_solution",
+ "change_threat",
+ "delete_appliedcontrol",
+ "delete_asset",
+ "delete_complianceassessment",
+ "delete_entity",
+ "delete_entityassessment",
+ "delete_evidence",
+ "delete_folder",
+ "delete_policy",
+ "delete_project",
+ "delete_referencecontrol",
+ "delete_representative",
+ "delete_riskacceptance",
+ "delete_riskassessment",
 "delete_riskmatrix",
- "add_complianceassessment",
+ "delete_riskscenario",
+ "delete_solution",
+ "delete_threat",
+ "view_appliedcontrol",
+ "view_asset",
 "view_complianceassessment",
- "change_complianceassessment",
- "delete_complianceassessment",
- "view_requirementassessment",
- "change_requirementassessment",
- "add_evidence",
+ "view_entity",
+ "view_entityassessment",
 "view_evidence",
- "change_evidence",
- "delete_evidence",
- "view_requirementnode",
+ "view_folder",
 "view_framework",
- "view_storedlibrary",
 "view_loadedlibrary",
- "view_user",
- "view_requirementmappingset",
+ "view_policy",
+ "view_project",
+ "view_referencecontrol",
+ "view_representative",
+ "view_requirementassessment",
 "view_requirementmapping",
+ "view_requirementmappingset",
+ "view_requirementnode",
+ "view_riskacceptance",
+ "view_riskassessment",
+ "view_riskmatrix",
+ "view_riskscenario",
+ "view_solution",
+ "view_storedlibrary",
+ "view_threat",
+ "view_user",
+ "view_usergroup",
 ]

 ADMINISTRATOR_PERMISSIONS_LIST = [
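Review bot: Both `ANALYST_PERMISSIONS_LIST` and `DOMAIN_MANAGER_PERMISSIONS_LIST` now carry `change_referencecontrol` and `delete_referencecontrol` where the old lists had only `view_referencecontrol`, and the Analyst list gets `change_`/`delete_` on `entity`, `entityassessment` and `representative` without the matching `add_` codenames. Under a commit titled "rationalize permissions" these read as privilege changes rather than a re-sort; if they are deliberate, record that in a comment above each list, otherwise drop `"delete_referencecontrol",` and the Analyst `"delete_entity",` / `"delete_entityassessment",` / `"delete_representative",` lines. The Domain Manager list also loses `change_usergroup` and gains `add_folder` / `delete_folder`, which deserves a line in the commit description. How existing role objects are synchronised with these lists is outside the hunk, so check that deployed roles pick up the removals as well as the additions.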