We have to manage roles with the following hierarchy:

- ROLE_ADMIN - Can do anything
- ROLE_PENTESTER - Can do the same as ROLE_MANAGER and additionally manage vulns; can view only their own missions and manage only their own account
- ROLE_MANAGER - Can assign users to a mission, manage a client account, manage missions
- ROLE_CLIENT - Can view only their own mission

To populate rights on resources for each role we will provide native roles of the form ROLE_{resource}_{action} (e.g. ROLE_MISSION_READ), plus ROLE_{resource}_MANAGE to allow all actions on a resource.
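The following is an added example, not the project's own code, showing how the hierarchy and the ROLE_{resource}_{action} / ROLE_{resource}_MANAGE convention can be enforced in one authorization check. The grant table, the inheritance edges, the resource kinds (MISSION, VULN, ACCOUNT, CLIENT, ASSIGNMENT) and the ownership-scoping rules are assumptions constructed from the descriptions above; it goes slightly beyond the text by treating "view only his missions" as an object-level ownership filter applied after the role check, so a user holding the right native role still cannot reach another user's mission.

```python
"""Role hierarchy + resource/action permission check (added example, not project code).

Assumptions (constructed from the role descriptions):
  - business roles inherit the grants of the roles they list in ROLE_HIERARCHY
  - native roles are named ROLE_{RESOURCE}_{ACTION}; ROLE_{RESOURCE}_MANAGE
    covers every action on that resource
  - PENTESTER and CLIENT are additionally limited to objects they own / are
    assigned to for the resource kinds listed in OWNER_SCOPED
"""
from dataclasses import dataclass
from typing import FrozenSet, Set

# Inheritance edges: ROLE_PENTESTER "can do the same as MANAGER".
ROLE_HIERARCHY = {
    "ROLE_ADMIN": {"ROLE_PENTESTER", "ROLE_MANAGER", "ROLE_CLIENT"},
    "ROLE_PENTESTER": {"ROLE_MANAGER"},
    "ROLE_MANAGER": set(),
    "ROLE_CLIENT": set(),
}

# Native resource roles granted directly to each business role (assumed mapping).
DIRECT_GRANTS = {
    "ROLE_ADMIN": set(),  # ADMIN is short-circuited as a super-user in is_granted
    "ROLE_PENTESTER": {"ROLE_VULN_MANAGE", "ROLE_ACCOUNT_MANAGE"},
    "ROLE_MANAGER": {"ROLE_MISSION_MANAGE", "ROLE_CLIENT_MANAGE", "ROLE_ASSIGNMENT_MANAGE"},
    "ROLE_CLIENT": {"ROLE_MISSION_READ"},
}

# Resource kinds where the role only applies to the caller's own objects
# ("view only his missions", "manage only his own account").
OWNER_SCOPED = {
    "ROLE_PENTESTER": {"MISSION", "ACCOUNT"},
    "ROLE_CLIENT": {"MISSION"},
}


@dataclass(frozen=True)
class User:
    id: int
    roles: FrozenSet[str]  # business roles assigned directly to the user


@dataclass(frozen=True)
class Resource:
    kind: str                # e.g. "MISSION", "VULN", "ACCOUNT"
    owners: FrozenSet[int]   # ids of users owning / assigned to this object


def effective_roles(roles) -> Set[str]:
    """Expand business roles through the hierarchy into all native roles they imply."""
    seen: Set[str] = set()
    stack = list(roles)
    while stack:
        role = stack.pop()
        if role in seen:
            continue
        seen.add(role)
        seen.update(DIRECT_GRANTS.get(role, ()))
        stack.extend(ROLE_HIERARCHY.get(role, ()))
    return seen


def has_native_role(roles, resource_kind: str, action: str) -> bool:
    """True if the roles imply ROLE_{KIND}_{ACTION} or the catch-all ROLE_{KIND}_MANAGE."""
    eff = effective_roles(roles)
    return (f"ROLE_{resource_kind}_{action}" in eff
            or f"ROLE_{resource_kind}_MANAGE" in eff)


def is_granted(user: User, action: str, resource: Resource) -> bool:
    """Role check first, then the ownership scope for roles that carry one.

    Design choice (assumption): if any of the user's direct roles is owner-scoped
    for this resource kind, the stricter rule wins, so a user holding both
    ROLE_PENTESTER and ROLE_MANAGER is still confined to their own missions.
    """
    if "ROLE_ADMIN" in user.roles:
        return True  # "Can do anything"
    if not has_native_role(user.roles, resource.kind, action):
        return False
    scoped_kinds: Set[str] = set()
    for role in user.roles:
        scoped_kinds |= OWNER_SCOPED.get(role, set())
    if resource.kind in scoped_kinds:
        return user.id in resource.owners
    return True


if __name__ == "__main__":
    client = User(1, frozenset({"ROLE_CLIENT"}))
    pentester = User(2, frozenset({"ROLE_PENTESTER"}))
    mission_a = Resource("MISSION", frozenset({1, 2}))  # constructed sample objects
    mission_b = Resource("MISSION", frozenset({3}))
    print(is_granted(client, "READ", mission_a))      # True: own mission
    print(is_granted(client, "READ", mission_b))      # False: someone else's mission
    print(is_granted(pentester, "UPDATE", mission_a))  # True: inherits ROLE_MISSION_MANAGE
```

The ownership filter is what turns "ROLE_CLIENT can read missions" into "ROLE_CLIENT can read *their* mission"; a plain role check on ROLE_MISSION_READ alone would let any client read any mission, which is the usual IDOR-shaped gap in role-based designs. Keeping the scope rule in one place (OWNER_SCOPED) rather than in each controller makes that filter auditable.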