Skip to content

Commit

Permalink
Merge pull request #3243 from atlanhq/feat/mq-auth-policies-master
Browse files Browse the repository at this point in the history 
DG-1432 Auth Policies for MQ related Items
  • Loading branch information
@arpit-at
arpit-at authored Jun 20, 2024
2 parents 3da0798 + 850cf26 commit 5b8258d
Show file tree
Hide file tree
Showing 2 changed files with 258 additions and 0 deletions.
182 changes: 182 additions & 0 deletions addons/policies/bootstrap_entity_policies.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3108,6 +3108,188 @@
"entity-read"
]
}
},

{
"typeName": "AuthPolicy",
"attributes": {
"name": "CUD_BUSINESS_POLICY",
"qualifiedName": "CUD_BUSINESS_POLICY",
"policyCategory": "bootstrap",
"policySubCategory": "default",
"policyServiceName": "atlas",
"policyType": "allow",
"policyPriority": 0,
"policyUsers": [],
"policyGroups": [],
"policyRoles": [
"$admin",
"$api-token-default-access"
],
"policyResourceCategory": "ENTITY",
"policyResources": [
"entity-type:BusinessPolicy",
"entity-type:BusinessPolicyException",
"entity-classification:*",
"entity:*"
],
"policyActions": [
"entity-create",
"entity-update",
"entity-delete"
]
}
},
{
"typeName": "AuthPolicy",
"attributes": {
"name": "READ_BUSINESS_POLICY",
"qualifiedName": "READ_BUSINESS_POLICY",
"policyCategory": "bootstrap",
"policySubCategory": "default",
"policyServiceName": "atlas",
"policyType": "allow",
"policyPriority": 0,
"policyUsers": [],
"policyGroups": [],
"policyRoles": [
"$admin",
"$guest",
"$member",
"$api-token-default-access"
],
"policyResourceCategory": "ENTITY",
"policyResources": [
"entity-type:BusinessPolicy",
"entity-type:BusinessPolicyException",
"entity-classification:*",
"entity:*"
],
"policyActions": [
"entity-read"
]
}
},

{
"typeName": "AuthPolicy",
"attributes": {
"name": "CUD_INCIDENT",
"qualifiedName": "CUD_INCIDENT",
"policyCategory": "bootstrap",
"policySubCategory": "default",
"policyServiceName": "atlas",
"policyType": "allow",
"policyPriority": 0,
"policyUsers": [],
"policyGroups": [],
"policyRoles": [
"$admin",
"$api-token-default-access"
],
"policyResourceCategory": "ENTITY",
"policyResources": [
"entity-type:Incident",
"entity-classification:*",
"entity:*"
],
"policyActions": [
"entity-create",
"entity-update",
"entity-delete"
]
}
},
{
"typeName": "AuthPolicy",
"attributes": {
"name": "READ_INCIDENT" ,
"qualifiedName": "READ_INCIDENT",
"policyCategory": "bootstrap",
"policySubCategory": "default",
"policyServiceName": "atlas",
"policyType": "allow",
"policyPriority": 0,
"policyUsers": [],
"policyGroups": [],
"policyRoles": [
"$admin",
"$guest",
"$member",
"$api-token-default-access"
],
"policyResourceCategory": "ENTITY",
"policyResources": [
"entity-type:Incident",
"entity-classification:*",
"entity:*"
],
"policyActions": [
"entity-read"
]
}
},
{
"typeName": "AuthPolicy",
"attributes": {
"name": "CRUD_BUSINESS_POLICY_LOG",
"qualifiedName": "CRUD_BUSINESS_POLICY_LOG",
"policyCategory": "bootstrap",
"policySubCategory": "default",
"policyServiceName": "atlas",
"policyType": "allow",
"policyPriority": 0,
"policyUsers": [],
"policyGroups": [],
"policyRoles": [
"$admin",
"$api-token-default-access"
],
"policyResourceCategory": "ENTITY",
"policyResources": [
"entity-type:BusinessPolicyLog",
"entity-classification:*",
"entity:*"
],
"policyActions": [
"entity-create",
"entity-read",
"entity-update",
"entity-delete"
]
}
},
{
"typeName": "AuthPolicy",
"attributes": {
"name": "CRUD_TASK",
"qualifiedName": "CRUD_TASK",
"policyCategory": "bootstrap",
"policySubCategory": "default",
"policyServiceName": "atlas",
"policyType": "allow",
"policyPriority": 0,
"policyUsers": [],
"policyGroups": [],
"policyRoles": [
"$admin",
"$guest",
"$member",
"$api-token-default-access"
],
"policyResourceCategory": "ENTITY",
"policyResources": [
"entity-type:Task",
"entity-classification:*",
"entity:*"
],
"policyActions": [
"entity-create",
"entity-read",
"entity-update",
"entity-delete"
]
}
}
]
}
76 changes: 76 additions & 0 deletions addons/policies/bootstrap_relationship_policies.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -760,6 +760,82 @@
"remove-relationship"
]
}
},
{
"typeName": "AuthPolicy",
"attributes":
{
"name": "LINK_BUSINESS_POLICY_BUSINESS_POLICY",
"qualifiedName": "LINK_BUSINESS_POLICY_BUSINESS_POLICY",
"policyCategory": "bootstrap",
"policySubCategory": "default",
"policyServiceName": "atlas",
"policyType": "allow",
"policyUsers":
[],
"policyGroups":
[],
"policyRoles":
[
"$admin",
"$api-token-default-access"
],
"policyResourceCategory": "RELATIONSHIP",
"policyResources":
[
"end-one-entity-classification:*",
"end-two-entity-classification:*",
"end-one-entity:*",
"end-two-entity:*",
"end-one-entity-type:BusinessPolicy",
"end-two-entity-type:BusinessPolicy",
"relationship-type:RelatedBusinessPolicy"
],
"policyActions":
[
"add-relationship",
"update-relationship",
"remove-relationship"
]
}
},
{
"typeName": "AuthPolicy",
"attributes":
{
"name": "LINK_BUSINESS_POLICY_BUSINESS_POLICY_EXCEPTION",
"qualifiedName": "LINK_BUSINESS_POLICY_BUSINESS_POLICY_EXCEPTION",
"policyCategory": "bootstrap",
"policySubCategory": "default",
"policyServiceName": "atlas",
"policyType": "allow",
"policyUsers":
[],
"policyGroups":
[],
"policyRoles":
[
"$admin",
"$api-token-default-access"
],
"policyResourceCategory": "RELATIONSHIP",
"policyResources":
[
"end-one-entity-classification:*",
"end-two-entity-classification:*",
"end-one-entity:*",
"end-two-entity:*",
"end-one-entity-type:BusinessPolicy",
"end-two-entity-type:BusinessPolicyException",
"relationship-type:BusinessPolicy_BusinessPolicyException"
],
"policyActions":
[
"add-relationship",
"update-relationship",
"remove-relationship"
]
}
}
]
}

0 comments on commit 5b8258d

Please sign in to comment.