Permissions

Updated:2024-12-02 SBOM Central

A user's permissions decide the functionality currently provided to that user.

A user's permissions.

  1. An Active user belongs to at least one team.
  2. The user selects a team as the present team in the Team menu (all active users have a default team).
  3. The permissions provided to the user in the present team are the user's present permissions.

A user's permissions are the sum of Team permissions and User permissions. Team permissions are the permissions provided to all team members, and User permissions are the individual permissions provided to the user when belonging to that team. So, depending on the present team, a user may have different sets of permissions:

Admin permissions example :

Permissions in sections Activities, Source code, Issues, and Tests are not valid here, all settings are omitted by SBOM Central.

Permissions

Permissions control the usage of the WebApp feature set.

System permissions Comment
Destroy API token Allows a user to destroy the API tokens for all users in the WebApp.
Clean old activity/build/execution records Allows a user to destroy old activity and build or test execution records.
Upload MAIA software license Allows a user to upload a new license.
Update system settings Allows a user to edit system settings.
Access all records Allows a user to access all information available in the WebApp.
Create/update/destroy components Allows a user to create, update, and destroy components that belong to the team.


Users and teams permissions Comment
Create team Allows a user to create teams.
Destroy team Allows a user to destroy any team.
Destroy user Allows a user to destroy any user.
Edit protected information on a user Allows a user to edit sensitive information about a user, such as 'User name' and 'Email'.
Update users Allows a user to update any user.
Update teams Allows a user to update the teams they belong to.
Create/update users Allows a user to create users and update users that belong to the team.


Artifacts permissions Comment
Create/update delivery reports Allows a user to create and update delivery reports for builds/SBOMs that belong to the team.
Create/destroy artifacts/SBOMS Allows a user to create artifacts/SBOMs.


Environments permissions Comment
Create/destroy environments Allows a user to create and destroy any environment.
Update environments Allows a user to update environments that belong to the team.


Vulnerabilities permissions Comment
Evaluate vulnerabilities Allows a user to evaluate vulnerabilities that belong to the team.
Read vulnerabilities Allows users to read all vulnerability reports for its 'current teams' components.


External software permissions Comment
Duplicate an SBOM Allows a user to make copies of existing SBOMs..
Update external software Allows a user to update external software that belongs to the team.
Create/update licenses Allows a user to create and update external software licenses that belong to the team.
Sync external software Allows a user to update external software data from external sources.


License types permissions Comment
Create/update/destroy license types Allows a user to create, update and destroy license types in the WebApp.


Results