From 813c1176e61370f344e840189f21562927007f7a Mon Sep 17 00:00:00 2001 From: burnettk Date: Fri, 25 Nov 2022 14:37:50 -0500 Subject: [PATCH] no global read since that gives configuration as well --- .../config/permissions/development.yml | 24 ++++++++----------- .../terraform_deployed_environment.yml | 24 ++++++++----------- 2 files changed, 20 insertions(+), 28 deletions(-) diff --git a/spiffworkflow-backend/src/spiffworkflow_backend/config/permissions/development.yml b/spiffworkflow-backend/src/spiffworkflow_backend/config/permissions/development.yml index b236d1575..81ea92255 100644 --- a/spiffworkflow-backend/src/spiffworkflow_backend/config/permissions/development.yml +++ b/spiffworkflow-backend/src/spiffworkflow_backend/config/permissions/development.yml @@ -72,24 +72,19 @@ groups: users: [core] permissions: + admin: + groups: [admin] + users: [] + allowed_permissions: [create, read, update, delete] + uri: /* + tasks-crud: groups: [everybody] users: [] allowed_permissions: [create, read, update, delete] uri: /v1.0/tasks/* - admin: - groups: [admin] - users: [] - allowed_permissions: [create, read, update, delete, list, instantiate] - uri: /* - - read-all: - groups: ["Finance Team", "Project Lead", admin] - users: [] - allowed_permissions: [read] - uri: /* - + # read all for everybody read-all-process-groups: groups: [everybody] users: [] @@ -100,17 +95,18 @@ permissions: users: [] allowed_permissions: [read] uri: /v1.0/process-models/* - read-process-instance-list: + read-all-process-instance: groups: [everybody] users: [] allowed_permissions: [read] - uri: /v1.0/process-instances + uri: /v1.0/process-instances/* read-process-instance-reports: groups: [everybody] users: [] allowed_permissions: [read] uri: /v1.0/process-instances/reports/* + manage-procurement-admin: groups: ["Project Lead"] users: [] diff --git a/spiffworkflow-backend/src/spiffworkflow_backend/config/permissions/terraform_deployed_environment.yml b/spiffworkflow-backend/src/spiffworkflow_backend/config/permissions/terraform_deployed_environment.yml index a36aa7e5a..23389273b 100644 --- a/spiffworkflow-backend/src/spiffworkflow_backend/config/permissions/terraform_deployed_environment.yml +++ b/spiffworkflow-backend/src/spiffworkflow_backend/config/permissions/terraform_deployed_environment.yml @@ -72,24 +72,19 @@ groups: users: [core] permissions: + admin: + groups: [admin] + users: [] + allowed_permissions: [create, read, update, delete] + uri: /* + tasks-crud: groups: [everybody] users: [] allowed_permissions: [create, read, update, delete] uri: /v1.0/tasks/* - admin: - groups: [admin] - users: [] - allowed_permissions: [create, read, update, delete, list, instantiate] - uri: /* - - read-all: - groups: ["Finance Team", "Project Lead", admin] - users: [] - allowed_permissions: [read] - uri: /* - + # read all for everybody read-all-process-groups: groups: [everybody] users: [] @@ -100,17 +95,18 @@ permissions: users: [] allowed_permissions: [read] uri: /v1.0/process-models/* - read-process-instance-list: + read-all-process-instance: groups: [everybody] users: [] allowed_permissions: [read] - uri: /v1.0/process-instances + uri: /v1.0/process-instances/* read-process-instance-reports: groups: [everybody] users: [] allowed_permissions: [read] uri: /v1.0/process-instances/reports/* + manage-procurement-admin: groups: ["Project Lead"] users: []