Granular Permission system to split MISP admin and System Admin #6162

Open
digihash opened this issue Jul 30, 2020 · 4 comments
Labels
T: feature request, topic: admin

Comments

@digihash

Is your feature request related to a problem? Please describe.

Imagine that you have an SLA contract with a hosting company that will host the MISP instance you want to use on their servers. In the SLA, you expect a high availability of the system and a high security standard. Because of this, the hoster won't allow you, as the client, to fiddle with the operating system, web server, database, or MISP system settings which could lead to downtime of the server.

The problem here is that the current permission system only has the option to be a site admin or an Org admin, but nothing in between.

Describe the solution you'd like

I would like a solution in this case where the Site admin is further divided into a system admin that can change system settings and a site admin that can't change any MISP server-specific settings, but can do the following.

System administrator can:

  • manage Server settings & maintenance
  • manage jobs
  • update the system and all extras
  • Add/manage modules, warning lists, taxonomies, etc...

Site administrator can:

  • Manage all users
  • See all audit logs
  • Manage organisations
  • Blacklist events & organisations
  • Manage registrations

Things I'm not sure where to put; maybe make it possible to choose and let them be added separately in a certain role:

  • Sync Actions:
    • manage servers/feeds
    • manage SightingDB connections
@digihash added the "T: feature request" and "needs triage" labels Jul 30, 2020
@iglocska
Member

As discussed before - definitely something that would be useful and it would eliminate some of the issues we have today, but it's a rather large task.

@digihash
Author

I know @iglocska, I just wanted to log it down here so we can follow it up 👍

@iglocska
Member

Oh no, don't get me wrong - just left it as a note internally so we know that we want this but it's a larger task - thanks for creating the issue ;)

@adulau removed the "needs triage" label Jul 31, 2020
@enjeck added the "topic: admin" label Nov 23, 2020