From 7bfe43d617db1549b9b9f5c9feff7d56f18234f3 Mon Sep 17 00:00:00 2001
From: jasquat <jasquat@users.noreply.github.com>
Date: Thu, 18 May 2023 09:05:26 -0400
Subject: [PATCH] added example permission yaml for read only admin

---
 .../config/permissions/example_read_only.yml  | 84 +++++++++++++++++++
 1 file changed, 84 insertions(+)
 create mode 100644 spiffworkflow-backend/src/spiffworkflow_backend/config/permissions/example_read_only.yml

diff --git a/spiffworkflow-backend/src/spiffworkflow_backend/config/permissions/example_read_only.yml b/spiffworkflow-backend/src/spiffworkflow_backend/config/permissions/example_read_only.yml
new file mode 100644
index 00000000..d201a555
--- /dev/null
+++ b/spiffworkflow-backend/src/spiffworkflow_backend/config/permissions/example_read_only.yml
@@ -0,0 +1,84 @@
+default_group: everybody
+
+groups:
+  admin:
+    users: [admin@spiffworkflow.org]
+
+permissions:
+  admin:
+    groups: [admin]
+    users: []
+    allowed_permissions: [read]
+    uri: /*
+
+  tasks-crud:
+    groups: [admin]
+    users: []
+    allowed_permissions: [create, update, delete]
+    uri: /tasks/*
+
+  process-instances-crud:
+    groups: [ admin ]
+    users: [ ]
+    allowed_permissions: [create, update, delete]
+    uri: /process-instances/*
+
+  suspend:
+    groups: [admin]
+    users: []
+    allowed_permissions: [create]
+    uri: /v1.0/process-instance-suspend
+
+  terminate:
+    groups: [admin]
+    users: []
+    allowed_permissions: [create]
+    uri: /v1.0/process-instance-terminate
+
+  resume:
+    groups: [admin]
+    users: []
+    allowed_permissions: [create]
+    uri: /v1.0/process-instance-resume
+
+  reset:
+    groups: [admin]
+    users: []
+    allowed_permissions: [create]
+    uri: /v1.0/process-instance-reset
+
+  users-exist:
+    groups: [admin]
+    users: []
+    allowed_permissions: [create]
+    uri: /v1.0/users/exists/by-username
+
+  send-event:
+    groups: [admin]
+    users: []
+    allowed_permissions: [create]
+    uri: /v1.0/send-event/*
+
+  task-complete:
+    groups: [admin]
+    users: []
+    allowed_permissions: [create]
+    uri: /v1.0/task-complete/*
+
+  messages:
+    groups: [admin]
+    users: []
+    allowed_permissions: [create]
+    uri: /v1.0/messages/*
+
+  secrets:
+    groups: [admin]
+    users: []
+    allowed_permissions: [create, update, delete]
+    uri: /v1.0/secrets/*
+
+  task-data:
+    groups: [admin]
+    users: []
+    allowed_permissions: [update]
+    uri: /v1.0/task-data/*