Change user roles

cyberstudio · Mar 1, 2024 · a49bc5d · a49bc5d
1 parent 18ecbd9
commit a49bc5d
Show file tree

Hide file tree

Showing 4 changed files with 69 additions and 74 deletions.
diff --git a/HISTORY.md b/HISTORY.md
@@ -1,6 +1,10 @@
 Release History
 ===============
 
+2.12.0a7 (2024-03-01)
+---------------------
+- Change user roles
+
 2.12.0a6 (2024-02-02)
 ---------------------
 - Mention changes in 2.11.1
@@ -25,6 +29,13 @@ Release History
 ---------------------
 - Add Platforms attribute
 
+2.11.2 (26.02.2024)
+-------------------
+- Add Dictionaries to ResourceNames
+- Add DictionaryReader and DictionaryRegistrant roles.
+- Remove privileges Feeds, FeedsData and SearchFilters from roles FeedAdministrator и FeedDataReader
+- Remove privilege SearchFilters from role Searcher
+
 2.11.1 (2024-02-02)
 -------------------
 - Export PotentialDamage and RIR attributes

diff --git a/cybsi/api/user/api.py b/cybsi/api/user/api.py
@@ -309,7 +309,7 @@ class UserForm(JsonObjectForm):
         >>> userForm = UserForm(
         >>>     login="user_test",
         >>>     access_level=ShareLevels.Green,
-        >>>     roles=[RoleName.EntityReader],
+        >>>     roles=[RoleName.SystemAdministrator],
         >>>     password="string",
         >>>     full_name="Test Tester",
         >>>     email="test@pt.com",

diff --git a/cybsi/api/user/enums.py b/cybsi/api/user/enums.py
@@ -12,83 +12,61 @@ class RoleName(CybsiAPIEnum):
     See :class:`ResourceName`.
     """
 
-    Administrator = "Administrator"
+    SystemAdministrator = "SystemAdministrator"
     """
-        Administrator's role permissions:
-        [DataSources:rw,EnrichmentConfig:r,Users:r]
-    """
-    ConfigReader = "ConfigReader"
-    """
-        ConfigReader's role permissions:
-        [DataSources:r, EnrichmentConfig:r]
-    """
-    FeedAdministrator = "FeedAdministrator"
-    """
-        FeedAdministrator's role permissions:
-        [DataSources:r, Feeds:rw, FeedsData:r, Observable:r,
-        ReputationLists:rw, ReputationListsContent:r, Search:r,
-        SearchFilters:rw, StoredQuery:rw, Users:r]
-    """
-    FeedDataReader = "FeedDataReader"
-    """
-        FeedDataReader's role permissions:
-        [DataSources:r, Feeds:r, FeedsData:r, ReputationLists:r,
-        ReputationListsContent:r, SearchFilters:r, StoredQuery:r, Users:r]
-    """
-    EnrichmentRunner = "EnrichmentRunner"
-    """
-        EnrichmentRunner's role permissions:
-        [DataSources:r, EnrichmentTasks:rw]
-    """
-    EnrichmentTaskReader = "EnrichmentTaskReader"
-    """
-        EnrichmentTaskReader's role permissions:
-        [DataSources:r, EnrichmentTasks:r]
-    """
-    ReportRegistrant = "ReportRegistrant"
-    """
-        ReportRegistrant's role permissions:
-        [Observations:w, Reports:w]
-    """
-    ReportReader = "ReportReader"
-    """
-        ReportReader's role permissions:
-        [DataSources:r, Observations:r, RawReports:r, Reports:r]
-    """
-    EntityRegistrant = "EntityRegistrant"
-    """
-        EntityRegistrant's role permissions:
-        [Observable:w]
-    """
-    EntityReader = "EntityReader"
-    """
-        EntityReader's role permissions:
-        [DataSources:r, Observable:r]
+        .. versionadded:: 2.12
+
+        System administrator's role permissions:
+        [DataSources:r,Users:rw,APIKeys:rw,License:w]
     """
-    ArtifactReader = "ArtifactReader"
+    DataEngineer = "DataEngineer"
     """
-        ArtifactReader's role permissions:
-        [Artifacts:r, DataSources:r]
+        .. versionadded:: 2.12
+
+        Data engineer's role permissions:
+        [StoredQuery:rw,Observable:r,EntityView:r,Artifacts:r,
+        ArtifactsContent:r,ReputationLists:rw,ReputationListsContent:r,
+        EnrichmentConfig:rw,DataSources:rw,Users:rw,APIKeys:rw,
+        Dictionaries:rw]
     """
-    ArtifactRegistrant = "ArtifactRegistrant"
+    SOCAnalyst = "SOCAnalyst"
     """
-        ArtifactRegistrant's role permissions:
-        [Artifacts:w]
+        .. versionadded:: 2.12
+
+        SOC analyst's role permissions:
+        [StoredQuery:rw,Observable:rw,EntityView:r,Artifacts:rw,
+        ArtifactsContent:r,Reports:rw,Observations:rw,RawReports:r
+        EnrichmentTasks:rw,ReputationLists:rw,ReputationListsContent:r,
+        EnrichmentConfig:r,DataSources:r,Users:r,Dictionaries:rw]
     """
-    ArtifactContentReader = "ArtifactContentReader"
+    CTIAnalyst = "CTIAnalyst"
     """
-        ArtifactContentReader's role permissions:
-        [Artifacts:r, ArtifactsContent:r]
+        .. versionadded:: 2.12
+
+        CTI analyst's role permissions:
+        [StoredQuery:r,Observable:rw,EntityView:r,Artifacts:rw,
+        ArtifactsContent:r,Reports:rw,Observations:rw,RawReports:r
+        EnrichmentTasks:rw,ReputationLists:r,ReputationListsContent:r,
+        EnrichmentConfig:r,DataSources:r,Users:r,Dictionaries:rw]
     """
-    Searcher = "Searcher"
+    CyberSecuritySpecialist = "CyberSecuritySpecialist"
     """
-        Searcher's role permissions:
-        [DataSources:r, Observable:r, Search:r, SearchFilters:rw]
+        .. versionadded:: 2.12
+
+        Cyber security specialist's role permissions:
+        [StoredQuery:r,Observable:r,EntityView:r,Artifacts:r,
+        Reports:r,Observations:r,RawReports:r,EnrichmentTasks:rw,
+        ReputationLists:r,ReputationListsContent:r,
+        EnrichmentConfig:r,DataSources:r,Users:r,Dictionaries:rw]
     """
-    UserAdministrator = "UserAdministrator"
+    Guest = "Guest"
     """
-        UserAdministrator's role permissions:
-        [APIKeys:rw, Users:rw]
+        .. versionadded:: 2.12
+
+        Guest's role permissions:
+        [Observable:r,Artifacts:r,Reports:r,Observations:r,
+        RawReports:r,EnrichmentTasks:r,EnrichmentConfig:r,
+        DataSources:r,Dictionaries:r]
     """
 
 
@@ -107,14 +85,16 @@ class ResourceName(CybsiAPIEnum):
     """Sample contents. Permission can be only with reading action."""
     DataSources = "DataSources"
     """Data sources."""
+    Dictionaries = "Dictionaries"
+    """
+        .. versionadded:: 2.11.2
+
+        Dictionaries
+    """
     EnrichmentConfig = "EnrichmentConfig"
     """Enrichment configs."""
     EnrichmentTasks = "EnrichmentTasks"
     """Enrichment tasks."""
-    Feeds = "Feeds"
-    """Feeds."""
-    FeedsData = "FeedsData"
-    """Feed contents. Permission can be only with reading action."""
     Observable = "Observable"
     """Observable entities."""
     Observations = "Observations"
@@ -128,8 +108,6 @@ class ResourceName(CybsiAPIEnum):
     """Reports."""
     Search = "Search"
     """Search. Permission can be only with reading action."""
-    SearchFilters = "SearchFilters"
-    """Search filters."""
     Users = "Users"
     """Users."""
     APIKeys = "APIKeys"
@@ -140,3 +118,9 @@ class ResourceName(CybsiAPIEnum):
     """Reputation list contents. Permission can be only with reading action."""
     StoredQuery = "StoredQuery"
     """Stored queries."""
+    License = "License"
+    """
+        .. versionadded:: 2.12
+
+        Licenses.
+    """
diff --git a/examples/authentication/user_api_key_generation.py b/examples/authentication/user_api_key_generation.py
@@ -23,7 +23,7 @@
         userForm = UserForm(
             login="user_test",
             access_level=ShareLevels.Green,
-            roles=[RoleName.EntityReader],
+            roles=[RoleName.SystemAdministrator],
             password="string",
             full_name="Test Tester",
             email="test@pt.com",