Editing Permissions
We highly recommend duplicating a role and making your changes to the copy. This preserves the default role and its permissions as a fallback in case changes need to be overridden. This article covers only the Default Roles that come with every IriusRisk instance.
Default Roles/Permissions
For further reading on the roles and permissions we provide by default, please refer to our Role Definitions article.
Full List Of Default Roles
ROLE_TEST_ONLY
ROLE_ADMIN
ROLE_PORTFOLIO_VIEW
ROLE_DEVELOPER
ROLE_FULL_ACCESS_USER
ROLE_MANAGE_USERS_BU
ROLE_RISK_MANAGER
ROLE_RULES_EDITOR
ROLE_TEMPLATE_EDITOR
ROLE_REQUIREMENTS_MANAGE
ROLE_TESTER
ROLE_QUESTIONNAIRE_ONLY
ROLE_LIBRARY_EDITOR
Full List Of Permissions
| EDIT_RULES | Global |
| PRODUCTS_LIST_ALL | Global |
| PRODUCTS_LIST_ALL_READ_ONLY | Global |
| PRODUCT_CREATE | Global |
| PRODUCT_IMPORT | Global |
| PRODUCT_ID_UPDATE | Global |
| ROLES_UPDATE | Global |
| SYSTEM_SETTINGS_UPDATE | Global |
| SYSTEM_SETTINGS_VIEW | Global |
| TEMPLATE_UPDATE | Global |
| TEMPLATE_UPDATE_ALL | Global |
| TEMPLATE_LIBRARY_VIEW | Global |
| LIBRARY_UPDATE | Global |
| LIBRARY_VIEW | Global |
| ALL_USERS_UPDATE | Global |
| MANAGE_USERS_BU | Global |
| VIEW_USERS_SAME_BU | Global |
| VIEW_USERS_ALL | Global |
| USER_AUDIT_LOG_VIEW | Global |
| ALL_USERS_AUDIT_LOG_VIEW | Global |
| COMPONENT_DEFINITIONS_VIEW | Global |
| COMPONENT_DEFINITIONS_UPDATE | Global |
| SUPPORT | Global |
| DROOLS_CREATION_RULE | Global |
| API_ACCESS | Global |
| ANALYTICS_MODULE_ACCESS | Global |
| ANALYTICS_SETTINGS_UPDATE | Global |
| ARCHITECTURE_UPDATE | Product |
| ARCHITECTURE_VIEW | Product |
| USE_CASE_CREATE | Product |
| USE_CASE_UPDATE | Product |
| USE_CASE_DELETE | Product |
| COUNTERMEASURE_UPDATE | Product |
| COUNTERMEASURE_VIEW | Product |
| COUNTERMEASURE_DELETE | Product |
| COUNTERMEASURE_MITIGATION_UPDATE | Product |
| COUNTERMEASURE_TEST_VIEW | Product |
| COUNTERMEASURE_EXPIRY_DATE_VIEW | Product |
| COUNTERMEASURE_SELECT_REQUIRED | Product |
| COUNTERMEASURE_SELECT_REJECTED | Product |
| COUNTERMEASURE_SELECT_RECOMMENDED | Product |
| COUNTERMEASURE_SELECT_IMPLEMENTED | Product |
| COUNTERMEASURE_SELECT_NA | Product |
| COUNTERMEASURE_CREATE | Product |
| COUNTERMEASURE_ADD_FROM_EXISTING | Product |
| PRODUCT_UPDATE | Product |
| PRODUCT_UPDATE_XML | Product |
| PRODUCT_CREATE_UPDATE_OTM | Product |
| PRODUCT_OWNERSHIP_UPDATE | Product |
| PRODUCT_COMPONENT_SETTINGS_UPDATE | Product |
| PRODUCT_COUNTERMEASURE_SETTINGS_UPDATE | Product |
| PRODUCT_THREAT_SETTINGS_UPDATE | Product |
| PRODUCT_EXPORT | Product |
| SOURCE_VIEW | Product |
| PRODUCT_AUDIT_LOG_VIEW | Product |
| PRODUCT_DELETE | Product |
| PRODUCT_LOCK | Product |
| PRODUCT_GENERATE_NEW_VERSION | Product |
| PRODUCT_VERSION_DELETE | Product |
| PRODUCT_VERSION_UPDATE | Product |
| PRODUCT_VERSION_RESTORE | Product |
| PRODUCT_CREATE_FROM_VERSION | Product |
| THREAT_UPDATE | Product |
| THREAT_UPDATE_IF_SOURCE_IS_RULES | Product |
| THREAT_UPDATE_IF_MITIGATION_IS_PLANNED | Product |
| RISK_VIEW | Product |
| THREAT_CREATE | Product |
| THREAT_VIEW | Product |
| THREAT_ADD_FROM_EXISTING | Product |
| RISK_SUMMARY_VIEW | Product |
| SEARCH_BY_CUSTOM_LIBRARIES_LIST | Product |
| GENERAL_THREATS_MANAGE | Product |
| THREAT_DELETE_IF_SOURCE_IS_RULES | Product |
| THREAT_DELETE_IF_MITIGATION_IS_PLANNED | Product |
| THREAT_LOCK | Product |
| TEST_UPDATE | Product |
| WEAKNESS_CREATE | Product |
| WEAKNESS_ADD_FROM_EXISTING | Product |
| WEAKNESS_UPDATE | Product |
| WEAKNESS_DELETE | Product |
| WORKFLOW_CHANGE | Product |
| WORKFLOW_ALL_CHANGE | Product |
| DOWNLOAD_REPORTS | Product |
| REPORT_DELETE | Product |
| PRODUCT_COMPONENT_CREATE | Product |
| PRODUCT_COMPONENT_UPDATE | Product |
| PRODUCT_COMPONENT_DELETE | Product |
| VULNERABILITY_TRACKER_CREATE | Product |
To make changes to your Roles (Default and Custom), log in to your instance and hover your mouse over the "gear" icon in the top right. Then click "Users And Permissions".
Afterwards, click on "Roles".
"ROLE_ADMIN" is the only role that you are not able to change. For any other role, click on the role and its permissions appear on the right-hand side, where you can check or uncheck the boxes to set which permissions the role has.
**Don't forget to click "Save" when your changes are completed**
Below are the default roles that come with IriusRisk, and what their permissions are. Use this as a guide for correcting roles where changes have been made.
ROLE_ADMIN
The Admin Role will contain all permissions.
The Admin role cannot be modified by default: you cannot add permissions to it or remove permissions from it. If you have created your own "Admin"-type role, please keep a backup of the permissions you want it to have, as we would not have a way to reset these if a change is made that causes your custom role to fail.
ROLE_TEST_ONLY
This role will contain 2 permissions:
| MANAGE_USERS_BU | Global |
| VIEW_USERS_ALL | Global |
ROLE_PORTFOLIO_VIEW
This role will contain 2 permissions:
| TEMPLATE_LIBRARY_VIEW | Global |
| API_ACCESS | Global |
ROLE_DEVELOPER
This role will contain 33 permissions:
| ARCHITECTURE_UPDATE | Product |
| ARCHITECTURE_VIEW | Product |
| USE_CASE_CREATE | Product |
| USE_CASE_UPDATE | Product |
| USE_CASE_DELETE | Product |
| COUNTERMEASURE_UPDATE | Product |
| COUNTERMEASURE_VIEW | Product |
| COUNTERMEASURE_DELETE | Product |
| COUNTERMEASURE_TEST_VIEW | Product |
| COUNTERMEASURE_EXPIRY_DATE_VIEW | Product |
| COUNTERMEASURE_SELECT_REQUIRED | Product |
| COUNTERMEASURE_SELECT_REJECTED | Product |
| COUNTERMEASURE_SELECT_RECOMMENDED | Product |
| COUNTERMEASURE_SELECT_IMPLEMENTED | Product |
| COUNTERMEASURE_SELECT_NA | Product |
| PRODUCT_UPDATE | Product |
| PRODUCT_UPDATE_XML | Product |
| PRODUCT_OWNERSHIP_UPDATE | Product |
| PRODUCT_COMPONENT_SETTINGS_UPDATE | Product |
| PRODUCT_COUNTERMEASURE_SETTINGS_UPDATE | Product |
| PRODUCT_THREAT_SETTINGS_UPDATE | Product |
| PRODUCT_EXPORT | Product |
| SOURCE_VIEW | Product |
| PRODUCT_AUDIT_LOG_VIEW | Product |
| PRODUCT_DELETE | Product |
| THREAT_VIEW | Product |
| WORKFLOW_CHANGE | Product |
| WORKFLOW_ALL_CHANGE | Product |
| PRODUCT_CREATE | Global |
| PRODUCT_IMPORT | Global |
| TEMPLATE_LIBRARY_VIEW | Global |
| USER_AUDIT_LOG_VIEW | Global |
| API_ACCESS | Global |
ROLE_FULL_ACCESS_USER
This role will contain 66 permissions:
| TEMPLATE_UPDATE | Global |
| TEMPLATE_LIBRARY_VIEW | Global |
| USER_AUDIT_LOG_VIEW | Global |
| PRODUCT_CREATE | Global |
| PRODUCT_IMPORT | Global |
| PRODUCT_ID_UPDATE | Global |
| API_ACCESS | Global |
| ALL_USERS_AUDIT_LOG_VIEW | Global |
| ARCHITECTURE_UPDATE | Product |
| ARCHITECTURE_VIEW | Product |
| USE_CASE_CREATE | Product |
| USE_CASE_UPDATE | Product |
| USE_CASE_DELETE | Product |
| COUNTERMEASURE_UPDATE | Product |
| COUNTERMEASURE_SELECT_IMPLEMENTED | Product |
| COUNTERMEASURE_SELECT_RECOMMENDED | Product |
| COUNTERMEASURE_SELECT_REJECTED | Product |
| COUNTERMEASURE_SELECT_REQUIRED | Product |
| COUNTERMEASURE_SELECT_NA | Product |
| COUNTERMEASURE_VIEW | Product |
| COUNTERMEASURE_DELETE | Product |
| COUNTERMEASURE_MITIGATION_UPDATE | Product |
| COUNTERMEASURE_TEST_VIEW | Product |
| COUNTERMEASURE_EXPIRY_DATE_VIEW | Product |
| PRODUCT_UPDATE | Product |
| PRODUCT_UPDATE_XML | Product |
| PRODUCT_CREATE_UPDATE_OTM | Product |
| PRODUCT_OWNERSHIP_UPDATE | Product |
| PRODUCT_COMPONENT_SETTINGS_UPDATE | Product |
| PRODUCT_COUNTERMEASURE_SETTINGS_UPDATE | Product |
| PRODUCT_THREAT_SETTINGS_UPDATE | Product |
| PRODUCT_DELETE | Product |
| PRODUCT_EXPORT | Product |
| PRODUCT_GENERATE_NEW_VERSION | Product |
| PRODUCT_VERSION_DELETE | Product |
| PRODUCT_VERSION_UPDATE | Product |
| PRODUCT_VERSION_RESTORE | Product |
| PRODUCT_LOCK | Product |
| THREAT_UPDATE | Product |
| THREAT_UPDATE_IF_SOURCE_IS_RULES | Product |
| THREAT_DELETE_IF_SOURCE_IS_RULES | Product |
| THREAT_UPDATE_IF_MITIGATION_IS_PLANNED | Product |
| THREAT_DELETE_IF_MITIGATION_IS_PLANNED | Product |
| RISK_VIEW | Product |
| THREAT_CREATE | Product |
| RISK_SUMMARY_VIEW | Product |
| SOURCE_VIEW | Product |
| PRODUCT_AUDIT_LOG_VIEW | Product |
| THREAT_VIEW | Product |
| TEST_UPDATE | Product |
| WORKFLOW_CHANGE | Product |
| WORKFLOW_ALL_CHANGE | Product |
| DOWNLOAD_REPORTS | Product |
| REPORT_DELETE | Product |
| COUNTERMEASURE_CREATE | Product |
| COUNTERMEASURE_ADD_FROM_EXISTING | Product |
| GENERAL_THREATS_MANAGE | Product |
| THREAT_LOCK | Product |
| WEAKNESS_CREATE | Product |
| WEAKNESS_ADD_FROM_EXISTING | Product |
| WEAKNESS_UPDATE | Product |
| VULNERABILITY_TRACKER_CREATE | Product |
| PRODUCT_CREATE_FROM_VERSION | Product |
| PRODUCT_COMPONENT_CREATE | Product |
| PRODUCT_COMPONENT_UPDATE | Product |
| PRODUCT_COMPONENT_DELETE | Product |
ROLE_MANAGE_USERS_BU
This role will contain 4 permissions:
| MANAGE_USERS_BU | Global |
| TEMPLATE_LIBRARY_VIEW | Global |
| API_ACCESS | Global |
ROLE_RISK_MANAGER
This role will contain 41 permissions:
| ARCHITECTURE_UPDATE | Product |
| ARCHITECTURE_VIEW | Product |
| USE_CASE_CREATE | Product |
| USE_CASE_UPDATE | Product |
| USE_CASE_DELETE | Product |
| COUNTERMEASURE_UPDATE | Product |
| COUNTERMEASURE_SELECT_IMPLEMENTED | Product |
| COUNTERMEASURE_SELECT_RECOMMENDED | Product |
| COUNTERMEASURE_SELECT_REJECTED | Product |
| COUNTERMEASURE_SELECT_REQUIRED | Product |
| COUNTERMEASURE_SELECT_NA | Product |
| COUNTERMEASURE_VIEW | Product |
| COUNTERMEASURE_TEST_VIEW | Product |
| COUNTERMEASURE_EXPIRY_DATE_VIEW | Product |
| PRODUCT_UPDATE | Product |
| PRODUCT_UPDATE_XML | Product |
| PRODUCT_OWNERSHIP_UPDATE | Product |
| PRODUCT_COMPONENT_SETTINGS_UPDATE | Product |
| PRODUCT_COUNTERMEASURE_SETTINGS_UPDATE | Product |
| PRODUCT_THREAT_SETTINGS_UPDATE | Product |
| PRODUCT_DELETE | Product |
| PRODUCT_EXPORT | Product |
| SOURCE_VIEW | Product |
| PRODUCT_AUDIT_LOG_VIEW | Product |
| PRODUCT_LOCK | Product |
| THREAT_UPDATE | Product |
| THREAT_UPDATE_IF_SOURCE_IS_RULES | Product |
| THREAT_DELETE_IF_SOURCE_IS_RULES | Product |
| THREAT_UPDATE_IF_MITIGATION_IS_PLANNED | Product |
| THREAT_DELETE_IF_MITIGATION_IS_PLANNED | Product |
| RISK_VIEW | Product |
| THREAT_VIEW | Product |
| THREAT_CREATE | Product |
| RISK_SUMMARY_VIEW | Product |
| USER_AUDIT_LOG_VIEW | Global |
| TEMPLATE_LIBRARY_VIEW | Global |
| PRODUCT_CREATE | Global |
| PRODUCT_IMPORT | Global |
| GENERAL_THREATS_MANAGE | Product |
| THREAT_LOCK | Product |
| API_ACCESS | Global |
ROLE_RULES_EDITOR
This role will contain 3 permissions:
| EDIT_RULES | Global |
| TEMPLATE_LIBRARY_VIEW | Global |
| API_ACCESS | Global |
ROLE_TEMPLATE_EDITOR
This role will contain 3 permissions:
| TEMPLATE_UPDATE | Global |
| TEMPLATE_LIBRARY_VIEW | Global |
| API_ACCESS | Global |
ROLE_REQUIREMENTS_MANAGE
This role will contain 7 permissions:
| COUNTERMEASURE_SELECT_IMPLEMENTED | Product |
| COUNTERMEASURE_SELECT_RECOMMENDED | Product |
| COUNTERMEASURE_SELECT_REJECTED | Product |
| COUNTERMEASURE_SELECT_REQUIRED | Product |
| COUNTERMEASURE_SELECT_NA | Product |
| TEMPLATE_LIBRARY_VIEW | Global |
| API_ACCESS | Global |
ROLE_TESTER
This role will contain 4 permissions:
| TEST_UPDATE | Product |
| THREAT_VIEW | Product |
| TEMPLATE_LIBRARY_VIEW | Global |
| API_ACCESS | Global |
ROLE_QUESTIONNAIRE_ONLY
This role will contain 7 permissions:
| ARCHITECTURE_UPDATE | Product |
| ARCHITECTURE_VIEW | Product |
| USE_CASE_CREATE | Product |
| USE_CASE_UPDATE | Product |
| USE_CASE_DELETE | Product |
| TEMPLATE_LIBRARY_VIEW | Global |
| API_ACCESS | Global |
ROLE_LIBRARY_EDITOR
This role will contain 4 permissions:
| LIBRARY_VIEW | Global |
| LIBRARY_UPDATE | Global |
| TEMPLATE_LIBRARY_VIEW | Global |
| API_ACCESS | Global |
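
One way to use the default listings above as a baseline when correcting a changed role, as an added example (not IriusRisk code): it parses rows in this article's `| NAME | Scope |` format and reports what was added to or removed from a role. The function names and the "current" sample are constructed for illustration; the default rows are ROLE_TESTER's as listed above.

```python
import re

# Default ROLE_TESTER rows, copied from this article in its own row format.
DEFAULT_ROLE_TESTER = """\
| TEST_UPDATE | Product |
| THREAT_VIEW | Product |
| TEMPLATE_LIBRARY_VIEW | Global |
| API_ACCESS | Global |
"""

# Constructed sample: a modified ROLE_TESTER as it might be read off the Roles screen.
CURRENT_ROLE_TESTER = """\
| TEST_UPDATE | Product |
| TEMPLATE_LIBRARY_VIEW | Global |
| API_ACCESS | Global |
| ROLES_UPDATE | Global |
| PRODUCT_DELETE | Product |
"""

ROW = re.compile(r"^\|\s*([A-Z][A-Z0-9_]*)\s*\|\s*(Global|Product)\s*\|$")

def parse_permissions(text):
    """Return {permission: scope}; reject malformed rows and duplicates."""
    perms = {}
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        m = ROW.match(line.strip())
        if m is None:
            raise ValueError(f"line {lineno}: not a permission row: {line!r}")
        name, scope = m.groups()
        if name in perms:
            raise ValueError(f"line {lineno}: duplicate permission {name}")
        perms[name] = scope
    return perms

def role_drift(default_text, current_text):
    """Compare a role's current permissions with its default listing."""
    default = parse_permissions(default_text)
    current = parse_permissions(current_text)
    added = sorted(set(current) - set(default))
    removed = sorted(set(default) - set(current))
    return {
        "added": added,      # uncheck these to return to the default
        "removed": removed,  # re-check these to return to the default
        # Assumption: rows the article marks Global apply instance-wide,
        # so additions of that kind are listed separately for review.
        "added_global": [p for p in added if current[p] == "Global"],
    }

if __name__ == "__main__":
    for key, names in role_drift(DEFAULT_ROLE_TESTER, CURRENT_ROLE_TESTER).items():
        print(f"{key}: {', '.join(names) or '-'}")
```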