permission sets should avoid ".all" permissions
Done
Story Points: 1
Development Team: Thunderjet
Fix versions
Release
R2 2021 Bugfix
Created June 11, 2021 at 3:42 AM
Updated July 29, 2021 at 1:28 PM
Resolved July 23, 2021 at 6:27 PM
Summary:
ui-organizations.basic.view is misleadingly named/overly permissive. It appears to be a "Can view..." permission set but contains write access via two .all permissions:
Acceptance criteria:
.all permissions are broken up according to the breakdown of organization permissions
"Organizations: Basic view" includes contacts.get and interfaces.get
"Organizations: view, edit" includes contacts.get and contacts.put, contacts.post, contacts.delete and interfaces.get and interfaces.put, interfaces.post, interfaces.delete
"Organizations: view, edit and create" includes contacts.get and contacts.put, contacts.post, contacts.delete and interfaces.get and interfaces.put, interfaces.post, interfaces.delete
etc...
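
The check this ticket asks for can be automated. The following is an added example, not code from the ticket or from the project: it assumes each permission set is an object with `permissionName`, `displayName` and `subPermissions`, and every name in the sample data other than `ui-organizations.basic.view` is constructed.

```javascript
// Added example: flags ".all" wildcards and write access reachable from view-only sets.
// Assumed set shape: { permissionName, displayName, subPermissions }.
const WRITE_SUFFIXES = ['.post', '.put', '.delete'];

// Expand a set to its leaf permissions, following nested sets; `seen` guards against cycles.
function expand(name, byName, seen = new Set()) {
  if (seen.has(name)) return [];
  seen.add(name);
  const set = byName.get(name);
  if (!set) return [name]; // not defined in this list: treat as a leaf permission
  return (set.subPermissions || []).flatMap((sub) => expand(sub, byName, seen));
}

function auditPermissionSets(permissionSets) {
  const byName = new Map(permissionSets.map((s) => [s.permissionName, s]));
  const findings = [];
  for (const set of permissionSets) {
    // A set counts as view-only when its name mentions "view" and no write verb.
    const label = `${set.permissionName} ${set.displayName || ''}`.toLowerCase();
    const viewOnly = /\bview\b/.test(label) && !/\b(edit|create|delete)\b/.test(label);
    for (const perm of expand(set.permissionName, byName)) {
      if (perm.endsWith('.all')) {
        findings.push({ set: set.permissionName, permission: perm, reason: 'wildcard .all' });
      } else if (viewOnly && WRITE_SUFFIXES.some((s) => perm.endsWith(s))) {
        findings.push({ set: set.permissionName, permission: perm, reason: 'write in view-only set' });
      }
    }
  }
  return findings;
}

// Constructed sample data (only the first permissionName appears in the ticket).
const samplePermissionSets = [
  { permissionName: 'ui-organizations.basic.view', displayName: 'Organizations: Basic view',
    subPermissions: ['contacts.get', 'contacts.all', 'interfaces.all'] },
  { permissionName: 'example.view-edit', displayName: 'Organizations: view, edit',
    subPermissions: ['contacts.get', 'contacts.put', 'contacts.post', 'contacts.delete'] },
  // A view-only set that pulls in write access indirectly through a nested set.
  { permissionName: 'example.nested.view', displayName: 'Example: nested view',
    subPermissions: ['interfaces.get', 'example.view-edit'] },
];

console.log(auditPermissionSets(samplePermissionSets));
```

Run against a module's full list of permission sets, a non-empty result can fail the build so that a view-only set cannot regain write access unnoticed.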