Skip to content

Lib package

Permission

Bases: StrEnum

ADMIN class-attribute instance-attribute 

ADMIN = 'admin'

Limited organisation admin - create, manage users of their own organisation.

ANALYST_DATA class-attribute instance-attribute 

ANALYST_DATA = 'analyst_data'

Analyst data

AUDIT class-attribute instance-attribute 

AUDIT = 'audit'

Access to the audit logs of the user's organisation.

AUTH class-attribute instance-attribute 

AUTH = 'auth'

Users with this permission have access to authenticating via their Auth keys, granting them access to the API.

DECAYING class-attribute instance-attribute 

DECAYING = 'decaying'

Create or modify MISP Decaying Models.

DELEGATE class-attribute instance-attribute 

DELEGATE = 'delegate'

Allow users to create delegation requests for their own org only events to trusted third parties.

FULL class-attribute instance-attribute 

FULL = 'full'

todo: what is this permission for?

GALAXY_EDITOR class-attribute instance-attribute 

GALAXY_EDITOR = 'galaxy_editor'

Create or modify MISP Galaxies and MISP Galaxies Clusters.

MODIFY class-attribute instance-attribute 

MODIFY = 'modify'

Manage Own Events.

MODIFY_ORG class-attribute instance-attribute 

MODIFY_ORG = 'modify_org'

Manage Organisation Events.

OBJECT_TEMPLATE class-attribute instance-attribute 

OBJECT_TEMPLATE = 'object_template'

Create or modify MISP Object templates.

PUBLISH class-attribute instance-attribute 

PUBLISH = 'publish'

Publish Organisation Events.

PUBLISH_KAFKA class-attribute instance-attribute 

PUBLISH_KAFKA = 'publish_kafka'

Allow users to publish data to Kafka via the publish event to Kafka button.

PUBLISH_ZMQ class-attribute instance-attribute 

PUBLISH_ZMQ = 'publish_zmq'

Allow users to publish data to the ZMQ pubsub channel via the publish event to ZMQ button.

REGEXP_ACCESS class-attribute instance-attribute 

REGEXP_ACCESS = 'regexp_access'

Users with this role can modify the regex rules affecting how data is fed into MISP. Make sure that caution is advised with handing out roles that include this permission, user controlled executed regexes are dangerous.

SHARING_GROUP class-attribute instance-attribute 

SHARING_GROUP = 'sharing_group'

Permission to create or modify sharing groups.

SIGHTING class-attribute instance-attribute 

SIGHTING = 'sighting'

Permits the user to push feedback on attributes into MISP by providing sightings.

SITE_ADMIN class-attribute instance-attribute 

SITE_ADMIN = 'site_admin'

Unrestricted access to any data and functionality on this instance.

SKIP_OTP class-attribute instance-attribute 

SKIP_OTP = 'skip_otp'

permission to skip otp

SYNC class-attribute instance-attribute 

SYNC = 'sync'

Synchronisation permission, can be used to connect two MISP instances create data on behalf of other users. Make sure that the role with this permission has also access to tagging and tag editing rights.

TAGGER class-attribute instance-attribute 

TAGGER = 'tagger'

Users with roles that include this permission can attach or detach existing tags to and from events/attributes.

TAG_EDITOR class-attribute instance-attribute 

TAG_EDITOR = 'tag_editor'

This permission gives users the ability to create tags.

TEMPLATE class-attribute instance-attribute 

TEMPLATE = 'template'

Create or modify templates, to be used when populating events.

VIEW_FEED_CORRELATIONS class-attribute instance-attribute 

VIEW_FEED_CORRELATIONS = 'view_feed_correlations'

Allow the viewing of feed correlations. Enabling this can come at a performance cost.

WARNINGLIST class-attribute instance-attribute 

WARNINGLIST = 'warninglist'

Allow to manage warninglists.