From 3ec9024fb092c8a98015e2da25537f2795f4c97c Mon Sep 17 00:00:00 2001 From: arpit-at Date: Thu, 13 Jun 2024 07:15:02 +0530 Subject: [PATCH] DG-1432 Auth Policies for MQ related Items --- .../policies/bootstrap_entity_policies.json | 184 ++++++++++++++++++ 1 file changed, 184 insertions(+) diff --git a/addons/policies/bootstrap_entity_policies.json b/addons/policies/bootstrap_entity_policies.json index 02260d558c..23a77f5298 100644 --- a/addons/policies/bootstrap_entity_policies.json +++ b/addons/policies/bootstrap_entity_policies.json @@ -3108,6 +3108,190 @@ "entity-read" ] } + }, + + { + "typeName": "AuthPolicy", + "attributes": { + "name": "CUD_BUSINESS_POLICY", + "qualifiedName": "CUD_BUSINESS_POLICY", + "policyCategory": "bootstrap", + "policySubCategory": "default", + "policyServiceName": "atlas", + "policyType": "allow", + "policyPriority": 0, + "policyUsers": [], + "policyGroups": [], + "policyRoles": [ + "$admin", + "$api-token-default-access" + ], + "policyResourceCategory": "ENTITY", + "policyResources": [ + "entity-type:BusinessPolicy", + "entity-type:BusinessPolicyException", + "entity-classification:*", + "entity:*" + ], + "policyActions": [ + "entity-create", + "entity-update", + "entity-delete" + ] + } + }, + { + "typeName": "AuthPolicy", + "attributes": { + "name": "READ_BUSINESS_POLICY", + "qualifiedName": "READ_BUSINESS_POLICY", + "policyCategory": "bootstrap", + "policySubCategory": "default", + "policyServiceName": "atlas", + "policyType": "allow", + "policyPriority": 0, + "policyUsers": [], + "policyGroups": [], + "policyRoles": [ + "$admin", + "$guest", + "$member", + "$api-token-default-access" + ], + "policyResourceCategory": "ENTITY", + "policyResources": [ + "entity-type:BusinessPolicy", + "entity-type:BusinessPolicyException", + "entity-classification:*", + "entity:*" + ], + "policyActions": [ + "entity-read" + ] + } + }, + + { + "typeName": "AuthPolicy", + "attributes": { + "name": "CUD_INCIDENT", + "qualifiedName": "CUD_INCIDENT", + "policyCategory": "bootstrap", + "policySubCategory": "default", + "policyServiceName": "atlas", + "policyType": "allow", + "policyPriority": 0, + "policyUsers": [], + "policyGroups": [], + "policyRoles": [ + "$admin", + "$api-token-default-access" + ], + "policyResourceCategory": "ENTITY", + "policyResources": [ + "entity-type:Incident", + "entity-type:BusinessPolicyIncident", + "entity-classification:*", + "entity:*" + ], + "policyActions": [ + "entity-create", + "entity-update", + "entity-delete" + ] + } + }, + { + "typeName": "AuthPolicy", + "attributes": { + "name": "READ_INCIDENT" , + "qualifiedName": "READ_INCIDENT", + "policyCategory": "bootstrap", + "policySubCategory": "default", + "policyServiceName": "atlas", + "policyType": "allow", + "policyPriority": 0, + "policyUsers": [], + "policyGroups": [], + "policyRoles": [ + "$admin", + "$guest", + "$member", + "$api-token-default-access" + ], + "policyResourceCategory": "ENTITY", + "policyResources": [ + "entity-type:Incident", + "entity-type:BusinessPolicyIncident", + "entity-classification:*", + "entity:*" + ], + "policyActions": [ + "entity-read" + ] + } + }, + { + "typeName": "AuthPolicy", + "attributes": { + "name": "CRUD_BUSINESS_POLICY_LOG", + "qualifiedName": "CRUD_BUSINESS_POLICY_LOG", + "policyCategory": "bootstrap", + "policySubCategory": "default", + "policyServiceName": "atlas", + "policyType": "allow", + "policyPriority": 0, + "policyUsers": [], + "policyGroups": [], + "policyRoles": [ + "$admin", + "$api-token-default-access" + ], + "policyResourceCategory": "ENTITY", + "policyResources": [ + "entity-type:BusinessPolicyLog", + "entity-classification:*", + "entity:*" + ], + "policyActions": [ + "entity-create", + "entity-read", + "entity-update", + "entity-delete" + ] + } + }, + { + "typeName": "AuthPolicy", + "attributes": { + "name": "CRUD_TASK", + "qualifiedName": "CRUD_TASK", + "policyCategory": "bootstrap", + "policySubCategory": "default", + "policyServiceName": "atlas", + "policyType": "allow", + "policyPriority": 0, + "policyUsers": [], + "policyGroups": [], + "policyRoles": [ + "$admin", + "$guest", + "$member", + "$api-token-default-access" + ], + "policyResourceCategory": "ENTITY", + "policyResources": [ + "entity-type:Task", + "entity-classification:*", + "entity:*" + ], + "policyActions": [ + "entity-create", + "entity-read", + "entity-update", + "entity-delete" + ] + } } ] }