-
Notifications
You must be signed in to change notification settings - Fork 3
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
As tech lead, I need a new permissions group for ACF OCIO #1358
Comments
Bring up during dev sync. |
per dev sync, we decided that |
@ADPennington are you taking the ticket for this current sprint? Or scoping out tasks for a future sprint? |
@valcollignon -- dev is taking this ticket to scope the tasks. if the tasks are scoped in time for next week's backlog, we can discuss where it would go in our workflow. cc: @abottoms-coder |
@ADPennington Do we agree this ticket is blocked by #1170 ? |
@abottoms-coder agree. let's discuss the AC re: this group's access to frontend where feasible. they need it for logging into TDP. and they'd also need a way to get to the backend scans from there. I'd like to better understand what that flow will look like 😃 |
This issue has been refined from the dev standpoint. |
Question about this AC, will ACF OCIO all have |
I would expect this assumption is valid and this AC is satisfied. |
Can that AC be removed from this ticket then, if we agree it is satisfied? |
@ADPennington Are you ok with this? |
removed @jorgegonzalez @abottoms-coder |
Just saw this
If so, do we intend for users in this group to never see the frontend? Redirecting them straight to Django Admin reduces the added complexity of validating this on the frontend. So if that is the desired behavior, I'm updating the PR to support this shortly @ADPennington @abottoms-coder |
@jorgegonzalez -- @lfrohlich and I just discussed and can confirm that this permission group can be redirected back to security url in DAC. they dont need to do anything on the frontend. maybe access to the profile page, but only if its easy. cc: @abottoms-coder |
Demoed by @jorgegonzalez on 3/15/2022 |
Description:
As we are now storing our ZAP scans, we need to give OCIO read access to them. The simplest way to do so is to create a new group with access only to our ZAP and ClamAV logs and objects.
Acceptance Criteria:
Tasks:
Notes:
Supporting Documentation:
Open Questions:
The text was updated successfully, but these errors were encountered: