[SECURITY-50] App and action based security for Norsu Created: 28/Nov/22 Updated: 21/Feb/23 |
|
| Status: | Accepted |
| Project: | Security |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Epic | Priority: | Neutral |
| Reporter: | Matt Rajkovic | Assignee: | Unassigned |
| Resolution: | Unresolved | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Template: |
|
| Epic Name: | App and action based security for Norsu |
| Acceptance criteria: |
Empty
|
| Team: |
| Description |
GoalWe want to limit certain content actions and apps on Norsu to be available only to specific groups and roles. For now, we'll only focus on SaaS roles (as only SaaS uses Norsu), i.e. publishing a node should only be possible for SaaS roles of Publisher and higher permissions. List of SaaS roles: https://wiki.magnolia-cms.com/display/DEVINT/SaaS+-+User+roles |