From 5181026b7e20998f7ea990062c6b252799fb5cba Mon Sep 17 00:00:00 2001
From: gassara-kys <ogasawara_kiyoshi@cybernagent>
Date: Tue, 16 Apr 2024 11:38:11 +0900
Subject: [PATCH] fix: default policy

---
 pkg/server/project/project.go | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/pkg/server/project/project.go b/pkg/server/project/project.go
index 6babfb8..713a279 100644
--- a/pkg/server/project/project.go
+++ b/pkg/server/project/project.go
@@ -119,7 +119,11 @@ func (p *ProjectService) createDefaultRole(ctx context.Context, ownerUserID, pro
 	findingEditor := "finding-editor"
 	viewerActionPtn := "get|list|is-admin|put-alert-first-viewed-at"
 
-	for name, actionPtn := range map[string]string{projectAdmin: ".*", projectViewer: viewerActionPtn, findingEditor: viewerActionPtn + "|/finding/.+|/alert/.+"} {
+	for name, actionPtn := range map[string]string{
+		projectAdmin:  ".*",
+		projectViewer: viewerActionPtn,
+		findingEditor: viewerActionPtn + "|^finding/.+|^alert/.+",
+	} {
 		policy, err := p.iamClient.PutPolicy(ctx, &iam.PutPolicyRequest{
 			ProjectId: projectID,
 			Policy: &iam.PolicyForUpsert{