Add PipelineSecurityReportingFinding userPermissions
Problem
The vulnerability_finding_modal.vue
should be as standalone as possible. To fix Unable to create issues for pipeline security f... (#428894 - closed) • David Pisek, Subashis Chakraborty • 16.7, as a quicker fix, a new prop for the modal was added that determines whether an issue can be created for the finding. However, we'd like the modal itself to figure this out.
Solution
Introduce a userPermissions
field in PipelineSecurityReportingFinding
, similar to the userPermissions
field in Vulnerability
, which is an object with at least one permission field that determines whether the user can create an issue for the respective finding. Field could be named e.g. createFindingIssue
.
Implementation steps
-
Add Finding
permission types to accommodate all the permissions forPipelineSecurityReportFindingType
-
Expose permission type defined in earlier step in PipelineSecurityReportFindingType
-
Add policy for abilities
if needed
Edited by Subashis Chakraborty