MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity

chg: [internal] Cleanup unnecessary permissions

pull/7769/head
Jakub Onderka 2021-09-26 13:59:11 +02:00
parent 624634751f
commit f43800e0fe
1 changed files with 21 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
app/Controller/Component/ACLComponent.php
View File

@ -230,7 +230,7 @@ class ACLComponent extends Component
'index' => array('*'),
'importChoice' => array('*'),
'importModule' => array('*'),
'massDelete' => array('perm_site_admin'),
'massDelete' => array(),
'merge' => array('perm_modify'),
'nids' => array('*'),
'proposalEventIndex' => array('*'),
@ -240,11 +240,11 @@ class ACLComponent extends Component
'pushEventToKafka' => array('perm_publish_kafka'),
'pushProposals' => array('perm_sync'),
'queryEnrichment' => array('perm_add'),
'recoverEvent' => array('perm_site_admin'),
'recoverEvent' => array(),
'removePivot' => array('*'),
'removeTag' => array('perm_tagger'),
'reportValidationIssuesEvents' => array(),
'restoreDeletedEvents' => array('perm_site_admin'),
'restoreDeletedEvents' => array(),
'restSearch' => array('*'),
'runTaxonomyExclusivityCheck' => array('*'),
'saveFreeText' => array('perm_add'),
@ -285,29 +285,20 @@ class ACLComponent extends Component
'fetchSelectedFromFreetextIndex' => array(),
'getEvent' => array(),
'importFeeds' => array(),
'index' => ['OR' => [
'host_org_user',
'perm_site_admin',
]],
'loadDefaultFeeds' => array('perm_site_admin'),
'index' => ['host_org_user'],
'loadDefaultFeeds' => array(),
'previewEvent' => array('*'),
'previewIndex' => array('*'),
'searchCaches' => ['OR' => [
'host_org_user',
'perm_site_admin',
]],
'toggleSelected' => array('perm_site_admin'),
'view' => ['OR' => [
'host_org_user',
'perm_site_admin',
]],
'searchCaches' => ['host_org_user'],
'toggleSelected' => array(),
'view' => ['host_org_user'],
),
'galaxies' => array(
'attachCluster' => array('perm_tagger'),
'attachMultipleClusters' => array('perm_tagger'),
'delete' => array(),
'disable' => array('perm_site_admin'),
'enable' => array('perm_site_admin'),
'disable' => array(),
'enable' => array(),
'export' => array('*'),
'forkTree' => array('*'),
'index' => array('*'),
@ -318,7 +309,7 @@ class ACLComponent extends Component
'selectGalaxyNamespace' => array('perm_tagger'),
'selectCluster' => array('perm_tagger'),
'showGalaxies' => array('*'),
'toggle' => array('perm_site_admin'),
'toggle' => array(),
'update' => array(),
'view' => array('*'),
'viewGraph' => array('*'),
@ -438,7 +429,7 @@ class ACLComponent extends Component
'view' => array('*'),
'viewElements' => array('*'),
'index' => array('*'),
'update' => array('perm_site_admin')
'update' => array()
),
'objectTemplateElements' => array(
'viewElements' => array('*')
@ -468,7 +459,7 @@ class ACLComponent extends Component
'add' => array('not_read_only_authkey'),
'delete' => array('not_read_only_authkey'),
'edit' => array('not_read_only_authkey'),
'pushMessageToZMQ' => array('perm_site_admin')
'pushMessageToZMQ' => array()
),
'regexp' => array(
'admin_add' => array('perm_regexp_access'),
@ -515,10 +506,7 @@ class ACLComponent extends Component
'getSubmoduleQuickUpdateForm' => array(),
'getWorkers' => array(),
'getVersion' => array('perm_auth'),
'idTranslator' => ['OR' => [
'host_org_user',
'perm_site_admin',
]],
'idTranslator' => ['host_org_user'],
'import' => array(),
'index' => array(),
'ondemandAction' => array(),
@ -532,7 +520,7 @@ class ACLComponent extends Component
'queryAvailableSyncFilteringRules' => array(),
'releaseUpdateLock' => array(),
'resetRemoteAuthKey' => array(),
'removeOrphanedCorrelations' => array('perm_site_admin'),
'removeOrphanedCorrelations' => array(),
'rest' => array('perm_auth'),
'openapi' => array('*'),
'restartDeadWorkers' => array(),
@ -552,7 +540,7 @@ class ACLComponent extends Component
'updateSubmodule' => array(),
'uploadFile' => array(),
'viewDeprecatedFunctionUse' => array(),
'killAllWorkers' => ['perm_site_admin'],
'killAllWorkers' => [],
'cspReport' => ['*'],
'pruneDuplicateUUIDs' => array(),
'removeDuplicateEvents' => array(),
@ -652,7 +640,7 @@ class ACLComponent extends Component
'taxonomyMassConfirmation' => array('perm_tagger'),
'taxonomyMassHide' => array('perm_tagger'),
'taxonomyMassUnhide' => array('perm_tagger'),
'toggleRequired' => array('perm_site_admin'),
'toggleRequired' => array(),
'update' => array(),
'import' => [],
'export' => ['*'],
@ -686,7 +674,7 @@ class ACLComponent extends Component
'viewEvent' => array('*'),
),
'users' => array(
'acceptRegistrations' => array('perm_site_admin'),
'acceptRegistrations' => array(),
'admin_add' => ['AND' => ['perm_admin', 'add_user_enabled']],
'admin_delete' => array('perm_admin'),
'admin_edit' => array('perm_admin'),
@ -694,7 +682,7 @@ class ACLComponent extends Component
'admin_filterUserIndex' => array('perm_admin'),
'admin_index' => array('perm_admin'),
'admin_massToggleField' => array('perm_admin'),
'admin_monitor' => array('perm_site_admin'),
'admin_monitor' => array(),
'admin_quickEmail' => array('perm_admin'),
'admin_view' => array('perm_admin'),
'attributehistogram' => array('*'),
@ -703,7 +691,7 @@ class ACLComponent extends Component
'checkIfLoggedIn' => array('*'),
'dashboard' => array('*'),
'delete' => array('perm_admin'),
'discardRegistrations' => array('perm_site_admin'),
'discardRegistrations' => array(),
'downloadTerms' => array('*'),
'edit' => array('self_management_enabled'),
'email_otp' => array('*'),
@ -714,7 +702,7 @@ class ACLComponent extends Component
'login' => array('*'),
'logout' => array('*'),
'register' => array('*'),
'registrations' => array('perm_site_admin'),
'registrations' => array(),
'resetAllSyncAuthKeys' => array(),
'resetauthkey' => ['AND' => ['self_management_enabled', 'perm_auth', 'not_read_only_authkey']],
'request_API' => array('*'),