Weekly Permissions sync 2024-12-27

marabooy · marabooy · commit dcc804de18f4 · 2024-12-27T03:18:48.000+03:00
diff --git a/permissions/new/ProvisioningInfo.json b/permissions/new/ProvisioningInfo.json
@@ -5266,6 +5266,24 @@
                 "resourceAppId": ""
             }
         ],
+        "FormsBody.ReadWrite.All": [
+            {
+                "id": "",
+                "scheme": "DelegatedWork",
+                "environment": "public",
+                "isHidden": true,
+                "isEnabled": true,
+                "resourceAppId": "c9a559d2-7aab-4f13-a6ed-e7e9c52aec87"
+            },
+            {
+                "id": "",
+                "scheme": "Application",
+                "environment": "public",
+                "isHidden": true,
+                "isEnabled": true,
+                "resourceAppId": "c9a559d2-7aab-4f13-a6ed-e7e9c52aec87"
+            }
+        ],
         "Goals-Export.Read.All": [
             {
                 "scheme": "DelegatedWork",
@@ -10077,15 +10095,15 @@
                 "id": "dd689728-6eb8-4deb-bd38-2924a935f3de",
                 "scheme": "DelegatedWork",
                 "environment": "public",
-                "isHidden": true,
+                "isHidden": false,
                 "isEnabled": true,
                 "resourceAppId": "8ee8fdad-f234-4243-8f3b-15c294843740"
             },
             {
                 "id": "4d6e30d1-e64e-4ae7-bf9d-c706cc928cef",
                 "scheme": "Application",
                 "environment": "public",
-                "isHidden": true,
+                "isHidden": false,
                 "isEnabled": true,
                 "resourceAppId": "8ee8fdad-f234-4243-8f3b-15c294843740"
             }
@@ -10167,15 +10185,15 @@
                 "id": "d8914f8f-9f64-4bd1-b4d3-f5a701ed8457",
                 "scheme": "DelegatedWork",
                 "environment": "public",
-                "isHidden": true,
+                "isHidden": false,
                 "isEnabled": true,
                 "resourceAppId": "8ee8fdad-f234-4243-8f3b-15c294843740"
             },
             {
                 "id": "8b7e8c0a-7e9d-4049-97ec-04b5e1bcaf05",
                 "scheme": "Application",
                 "environment": "public",
-                "isHidden": true,
+                "isHidden": false,
                 "isEnabled": true,
                 "resourceAppId": "8ee8fdad-f234-4243-8f3b-15c294843740"
             }
diff --git a/permissions/new/permissions.json b/permissions/new/permissions.json
@@ -36389,6 +36389,44 @@
         "ownerSecurityGroup": "cpcgraph"
       }
     },
+    "RoleManagement.Read.Defender": {
+      "schemes": {
+        "DelegatedWork": {
+          "adminDisplayName": "Read M365 Defender RBAC configuration",
+          "adminDescription": "Allows the app to read the role-based access control (RBAC) settings for your company's directory, on behalf of the signed-in user. This includes reading M365 Defender role definitions and role assignments.",
+          "userDisplayName": "Read M365 Defender RBAC configuration",
+          "userDescription": "Allows the app to read the role-based access control (RBAC) settings for your company's directory, on behalf of the signed-in user. This includes reading M365 Defender role definitions and role assignments.",
+          "requiresAdminConsent": true,
+          "privilegeLevel": 3
+        },
+        "Application": {
+          "adminDisplayName": "Read M365 Defender RBAC configuration",
+          "adminDescription": "Allows the app to read the role-based access control (RBAC) settings for your company's directory, without a signed-in user.",
+          "requiresAdminConsent": true,
+          "privilegeLevel": 4
+        }
+      },
+      "pathSets": [
+        {
+          "schemeKeys": [
+            "DelegatedWork",
+            "Application"
+          ],
+          "methods": [
+            "GET"
+          ],
+          "paths": {
+            "/rolemanagement/defender/roleassignments": "least=DelegatedWork,Application",
+            "/rolemanagement/defender/roleassignments/{id}": "least=DelegatedWork,Application",
+            "/rolemanagement/defender/roledefinitions": "least=DelegatedWork,Application",
+            "/rolemanagement/defender/roledefinitions/{id}": "least=DelegatedWork,Application"
+          }
+        }
+      ],
+      "ownerInfo": {
+        "ownerSecurityGroup": "mdatpUrbac"
+      }
+    },
     "RoleManagement.Read.Directory": {
       "schemes": {
         "DelegatedWork": {
@@ -36595,6 +36633,71 @@
         "ownerSecurityGroup": "cpcgraph"
       }
     },
+    "RoleManagement.ReadWrite.Defender": {
+      "schemes": {
+        "DelegatedWork": {
+          "adminDisplayName": "Read M365 Defender RBAC configuration",
+          "adminDescription": "Allows the app to read the role-based access control (RBAC) settings for your company's directory, on behalf of the signed-in user. This includes reading M365 Defender role definitions and role assignments.",
+          "userDisplayName": "Read M365 Defender RBAC configuration",
+          "userDescription": "Allows the app to read the role-based access control (RBAC) settings for your company's directory, on behalf of the signed-in user. This includes reading M365 Defender role definitions and role assignments.",
+          "requiresAdminConsent": true,
+          "privilegeLevel": 3
+        },
+        "Application": {
+          "adminDisplayName": "Read M365 Defender RBAC configuration",
+          "adminDescription": "Allows the app to read the role-based access control (RBAC) settings for your company's directory, without a signed-in user.",
+          "requiresAdminConsent": true,
+          "privilegeLevel": 4
+        }
+      },
+      "pathSets": [
+        {
+          "schemeKeys": [
+            "DelegatedWork",
+            "Application"
+          ],
+          "methods": [
+            "GET"
+          ],
+          "paths": {
+            "/roleManagement/defender/roleassignments": "",
+            "/roleManagement/defender/roleassignments/{id}": "",
+            "/rolemanagement/defender/roledefinitions": "",
+            "/rolemanagement/defender/roledefinitions/{id}": ""
+          }
+        },
+        {
+          "schemeKeys": [
+            "DelegatedWork",
+            "Application"
+          ],
+          "methods": [
+            "POST"
+          ],
+          "paths": {
+            "/roleManagement/defender/roleassignments": "least=DelegatedWork,Application",
+            "/rolemanagement/defender/roledefinitions": "least=DelegatedWork,Application"
+          }
+        },
+        {
+          "schemeKeys": [
+            "DelegatedWork",
+            "Application"
+          ],
+          "methods": [
+            "DELETE",
+            "PATCH"
+          ],
+          "paths": {
+            "/roleManagement/defender/roleassignments/{id}": "least=DelegatedWork,Application",
+            "/rolemanagement/defender/roledefinitions/{id}": "least=DelegatedWork,Application"
+          }
+        }
+      ],
+      "ownerInfo": {
+        "ownerSecurityGroup": "mdatpUrbac"
+      }
+    },
     "RoleManagement.ReadWrite.Directory": {
       "schemes": {
         "DelegatedWork": {
