diff --git a/addons/static/templates/policy_cache_transformer_persona.json b/addons/static/templates/policy_cache_transformer_persona.json index a68f030ae6..a72b940c79 100644 --- a/addons/static/templates/policy_cache_transformer_persona.json +++ b/addons/static/templates/policy_cache_transformer_persona.json @@ -449,7 +449,7 @@ "policyResourceCategory": "ENTITY", "policyType": "ACCESS", "resources": [ - "entity:{entity}/domain/*", + "entity:{entity}/*domain/*", "entity-type:DataDomain", "entity-classification:*" ], @@ -461,11 +461,30 @@ "policyResourceCategory": "ENTITY", "policyType": "ACCESS", "resources": [ - "entity:{entity}/domain/*", + "entity:{entity}/*domain/*", "entity-type:DataDomain", "entity-classification:*" ], "actions": ["entity-create"] + }, + { + "policyResourceCategory": "RELATIONSHIP", + "policyType": "ACCESS", + "description": "Link/unlink this DataProduct to any parent Domain", + "resources": [ + "relationship-type:*", + + "end-one-entity:{entity}/*", + "end-one-entity:{entity}", + "end-one-entity-type:DataDomain", + "end-one-entity-classification:*", + + "end-two-entity:{entity}/*", + "end-one-entity:{entity}", + "end-two-entity-type:DataDomain", + "end-two-entity-classification:*" + ], + "actions": ["add-relationship", "update-relationship", "remove-relationship"] } ], "persona-domain-sub-domain-update": [ @@ -473,7 +492,7 @@ "policyResourceCategory": "ENTITY", "policyType": "ACCESS", "resources": [ - "entity:{entity}/domain/*", + "entity:{entity}/*domain/*", "entity-type:DataDomain", "entity-classification:*" ], @@ -485,7 +504,7 @@ "policyResourceCategory": "ENTITY", "policyType": "ACCESS", "resources": [ - "entity:{entity}/domain/*", + "entity:{entity}/*domain/*", "entity-type:DataDomain", "entity-classification:*" ], @@ -498,7 +517,7 @@ "policyResourceCategory": "ENTITY", "policyType": "ACCESS", "resources": [ - "entity:{entity}/*/product/*", + "entity:{entity}/*product/*", "entity-type:DataProduct", "entity-classification:*" ], @@ -510,8 +529,7 @@ "policyResourceCategory": "ENTITY", "policyType": "ACCESS", "resources": [ - "entity:{entity}/*/product/*", - "entity:{entity}/product/*", + "entity:{entity}/*product/*", "entity-type:DataProduct", "entity-classification:*" ], @@ -541,7 +559,7 @@ "policyResourceCategory": "ENTITY", "policyType": "ACCESS", "resources": [ - "entity:{entity}/*/product/*", + "entity:{entity}/*product/*", "entity-type:DataProduct", "entity-classification:*" ], @@ -572,7 +590,7 @@ "policyResourceCategory": "ENTITY", "policyType": "ACCESS", "resources": [ - "entity:{entity}/*/product/*", + "entity:{entity}/*product/*", "entity-type:DataProduct", "entity-classification:*" ],