Open JulianBaSi opened 4 years ago
Hello @JulianBaSi to prevent a user from sharing cases, make sure (s)he's role doesn't contain the manageShare
permission (which is part of the analyst
profile we provide by default.
All the multi tenancy design has been built on top of an assumption: if you belong to an org, you are able to see all the data that it creates, or all the data that has been shared with it.
[Feature Request] More options on linking 2 ORGs
Request Type
Feature Request
Request
When linking two organisations it should be possible to have more options than just linking them. I have two options in mind: (1) linking with max. TLP and (2) linking with specific profile.
(1): We have some ORGs with users which are not allowed to see all cases or observables (e.g. those with TLP:red). Currently when sharing a case, this must be thought by the analyst who add this share. It would be nice if this setting can be set at admin-side, making it impossible for an analyst to share a case (or the observables of a case) above the specified TLP.
(2): In our case there are some roles which are not allowed to see anything case-related, but only can use the dashboards. It would be helpful if the admin can link two organisations but with setting a specified role/profile. You can already set this option when sharing a case ("Profile"), but do this globally when linking two ORGs and not have this to be done by the analyst would be nice.