From c26ea0ae3c1363c47b1ea383d604d349820a04c0 Mon Sep 17 00:00:00 2001
From: nino-filigran <148041607+nino-filigran@users.noreply.github.com>
Date: Mon, 1 Sep 2025 14:51:47 +0200
Subject: [PATCH 1/2] Update users.md

update RBAC list to represent current list.
Addition of:
Allow modification of sensitive configuration
Can use web interface export functions (PDF, PNG, etc.)
Disseminate files by email
Manage data mappers
Manage XTM Hub
Edition of Delete: will include merge in an upcoming PR of community
---
 docs/administration/users.md | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/docs/administration/users.md b/docs/administration/users.md
index 4ca6ed6d..eea18236 100644
--- a/docs/administration/users.md
+++ b/docs/administration/users.md
@@ -16,20 +16,23 @@ Roles are used in the platform to grant the given groups with some **capabilitie | Capability | Description | |:--------------------------------------------------------|:----------------------------------------------------------------------------------------| +| `Allow modification of sensitive configuration` | Ability to perform changes on elements under Danger Zone. | | `Bypass all capabilities` | Just bypass everything including data segregation and enforcements. | | `Access knowledge` | Access in read-only to all the knowledge in the platform. | |   `Access to collaborative creation` | Create notes and opinions (and modify its own) on entities and relations. | +|   `Can use web interface export functions` | Ability to download widgets/graphs... as images/pdf. | |   `Create / Update knowledge` | Create and update existing entities and relationships. | |     `Restrict organization access` | Share entities and relationships with other organizations. | -|     `Delete knowledge` | Delete entities and relationships. | +|     `Delete knowledge` | Delete entities and relationships (and merge data). | |     `Manage authorized members` | Restrict the access to an entity to a user, group or organization. | |     `Bypass enforced reference` | If external references enforced in a type of entity, be able to bypass the enforcement. | -|     `Bypass mandatory fields` | Bypass any custom fields marked as mandatory in entity customization | +|     `Bypass mandatory fields` | Bypass any custom fields marked as mandatory in entity customization. | |   `Upload knowledge files` | Upload files in the `Data` and `Content` section of entities. | |   `Import knowledge` | Trigger the ingestion of an uploaded file. | |   `Download knowledge export` | Download the exports generated in the entities (in the `Data` section). | |     `Generate knowledge export` | Trigger the export of the knowledge of an entity. 
| |   `Ask for knowledge enrichment` | Trigger an enrichment for a given entity. | +|   `Disseminate files by email` | Ability to send a PDF/HTML generated as a Fintel to a dissemination list. | | `Access dashboards` | Access to existing custom dashboards. | |   `Create / Update dashboards` | Create and update custom dashboards. | |     `Delete dashboards` | Delete existing custom dashboards. | @@ -44,13 +47,14 @@ Roles are used in the platform to grant the given groups with some **capabilitie |   `Manage data sharing` | Share data such as TAXII collections, CSV feeds and live streams or custom dashboards. | | `Access ingestion` | Access (read only) remote OCTI streams, TAXII feeds, RSS feeds, CSV feeds. | |   `Manage ingestion` | Create, update, delete any remote OCTI streams, TAXII feeds, RSS feeds, CSV feeds. | -| `Manage CSV mappers` | Create, update and delete CSV mappers. | +| `Manage data mappers` | Create, update and delete CSV & JSON mappers. | | `Access to admin functionalities` | Parent capability allowing users to only view the settings. | |   `Access administration parameters` | Access and manage overall parameters of the platform in `Settings > Parameters`. | |   `Manage credentials` | Access and manage roles, groups, users, organizations and security policies. | |   `Manage marking definitions` | Update and delete marking definitions. | |   `Manage customization` | Customize entity types, rules, notifiers retention policies and decays rules. | |   `Manage taxonomies` | Manage labels, kill chain phases, vocabularies, status templates, cases templates. | +|   `Manage XTM hub` | Manage enrollment of the OpenCTI platform into XTMHub. | |   `Access to security activity` | Access to activity log. | |   `Access to file indexing` | Manage file indexing. | |   `Access to support` | Generate and download support packages. | From 0987d6db9085d03c88b3b1fa4c5e464b135a8dc5 Mon Sep 17 00:00:00 2001 
From: nino-filigran <148041607+nino-filigran@users.noreply.github.com> Date: Fri, 5 Sep 2025 09:33:41 +0200 Subject: [PATCH 2/2] Apply suggestions from code review Co-authored-by: Alice Debra --- docs/administration/users.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/administration/users.md b/docs/administration/users.md index eea18236..c420abe5 100644 --- a/docs/administration/users.md +++ b/docs/administration/users.md @@ -20,7 +20,7 @@ Roles are used in the platform to grant the given groups with some **capabilitie | `Bypass all capabilities` | Just bypass everything including data segregation and enforcements. | | `Access knowledge` | Access in read-only to all the knowledge in the platform. | |   `Access to collaborative creation` | Create notes and opinions (and modify its own) on entities and relations. | -|   `Can use web interface export functions` | Ability to download widgets/graphs... as images/pdf. | +|   `Can use web interface export functions` | Ability to download widgets/graphs... as images/PDF. | |   `Create / Update knowledge` | Create and update existing entities and relationships. | |     `Restrict organization access` | Share entities and relationships with other organizations. | |     `Delete knowledge` | Delete entities and relationships (and merge data). |
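Review bot: In the first hunk of PATCH 1/2 (`@@ -16,20 +16,23 @@`), the new `Allow modification of sensitive configuration` row points to "Danger Zone" without saying where that is in the platform or which elements it covers, and it sits directly above `Bypass all capabilities` without stating whether bypass also grants it. For a capability that gates sensitive settings, the description should name the location (as the `Access administration parameters` row does with `Settings > Parameters`) and say explicitly whether `Bypass all capabilities` includes it, so administrators can tell which roles are able to change those elements. Separately, the `Delete knowledge` row now reads "(and merge data)" while the commit message says merge will be included in an upcoming PR; consider landing this wording together with that change, or stating the version from which it applies.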
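Review bot: In the second hunk of PATCH 1/2 (`@@ -44,13 +47,14 @@`), the added `Manage XTM hub` row spells the product three ways across this patch: "XTM hub" in the capability name, "XTMHub" in the description, and "XTM Hub" in the commit message. Pick one spelling and use it in both columns, matching the label the platform itself uses. The `Manage data mappers` row is listed under "Addition of" in the commit message although the hunk replaces `Manage CSV mappers`; a short mention of the rename in the description would help readers who search for the old name.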
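Review bot: In PATCH 2/2 (`@@ -20,7 +20,7 @@`), the `Can use web interface export functions` description still reads "widgets/graphs... as images/PDF" after the case fix, and the ellipsis leaves the scope of the capability open. The commit message of PATCH 1/2 names the formats as "PDF, PNG, etc."; spelling out what can be exported and in which formats would make this row as specific as its neighbours.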