User permission charts

Role Permission Chart

This chart is intended to list all permissions related to a Product or Product Type, as well as which permissions are available to each role.

| Section | Permission | Reader / Writer / Maintainer / Owner / API Importer |
|---|---|---|
| Product / Product Type Access | View assigned Product or Product Type ¹ | ☑️☑️☑️☑️☑️ |
| | View nested Products, Engagements, Tests, Findings, Endpoints | ☑️☑️☑️☑️☑️ |
| | Add new Products (within assigned Product Type) ² | ☑️☑️ |
| | Delete assigned Products or Product Types | ☑️ |
| Product / Product Type Membership | Add Users as Members (excluding Owner Role) | ☑️☑️ |
| | Edit member Roles (excluding Owner Role) | ☑️☑️ |
| | Edit member Roles (including Owner Role) | ☑️ |
| | Remove self from Product / Product Type membership | ☑️☑️☑️☑️ |
| | Add an Owner Role to another User | ☑️ |
| | Edit an associated Product/Product Type Membership within a Group³ | ☑️ |
| | Delete an associated Product/Product Type Membership within a Group³ | |
| Engagements (Within a Product) | Add, Edit Engagements | ☑️☑️☑️☑️ |
| | Add, Edit Risk Acceptances | ☑️☑️☑️ |
| | Delete Engagements | ☑️☑️ |
| Tests (Within a Product) | Add Tests | ☑️☑️☑️ |
| | Edit Tests | ☑️☑️☑️☑️ |
| | Delete Tests | ☑️☑️ |
| Findings (Within a Product) | Add Findings | ☑️☑️☑️ |
| | Edit Findings | ☑️☑️☑️ |
| | Import, Reimport Scan Results | ☑️☑️☑️☑️ |
| | Delete Findings | ☑️☑️ |
| | Add, Edit, Delete Finding Groups | ☑️☑️☑️ |
| Other Data (Within a Product) | Add, Edit Endpoints | ☑️☑️☑️ |
| | Delete Endpoints | ☑️☑️ |
| | Edit Benchmarks | ☑️☑️☑️ |
| | Delete Benchmarks | ☑️☑️ |
| | View Note History | ☑️☑️☑️☑️ |
| | Add, Edit, Delete Own Notes | ☑️☑️☑️☑️☑️ |
| | Edit Other Notes | ☑️☑️☑️☑️ |
| | Delete Other Notes | ☑️☑️ |
  1. A user who is assigned permissions at the Product level only cannot view the Product Type it is contained in.
  2. When a new Product is added underneath a Product Type, all Product Type-level Users will be added as Members of the new Product with their Product Type-level Role.
  3. The user who wishes to make changes to a Group must also have Edit Group Configuration Permissions, and a Maintainer or Owner Group Configuration Role in the Group they wish to edit.

Configuration Permission Chart

Each Configuration Permission refers to a particular function in the software, and has an associated set of actions a user can perform related to this function.

The majority of Configuration Permissions give users access to certain pages in the UI.

| Configuration Permission | View ☑️ | Add ☑️ | Edit ☑️ | Delete ☑️ |
|---|---|---|---|---|
| Credential Manager | Access the ⚙️Configuration > Credential Manager page | Add new entries to the Credential Manager | Edit Credential Manager entries | Delete Credential Manager entries |
| Development Environments | n/a | Add new Development Environments to the 🗓️Engagements > Environments list | Edit Development Environments in the 🗓️Engagements > Environments list | Delete Development Environments from the 🗓️Engagements > Environments list |
| Finding Templates¹ | Access the Findings > Finding Templates page | Add a Finding Template | Edit a Finding Template | Delete a Finding Template |
| Groups | Access the 👤Users > Groups page | Add a new User Group | Superuser only | Superuser only |
| Jira Instances | Access the ⚙️Configuration > JIRA page | Add a new JIRA Configuration | Edit an existing JIRA Configuration | Delete a JIRA Configuration |
| Language Types | | | | |
| Login Banner | n/a | n/a | Edit the login banner, located under ⚙️Configuration > Login Banner | n/a |
| Announcements | n/a | n/a | Configure Announcements, located under ⚙️Configuration > Announcements | n/a |
| Note Types | Access the ⚙️Configuration > Note Types page | Add a Note Type | Edit a Note Type | Delete a Note Type |
| Product Types | n/a | Add a new Product Type (under Products > Product Type) | n/a | n/a |
| Questionnaires | Access the Questionnaires > All Questionnaires page | Add a new Questionnaire | Edit an existing Questionnaire | Delete a Questionnaire |
| Questions | Access the Questionnaires > Questions page | Add a new Question | Edit an existing Question | n/a |
| Regulations | n/a | Add a Regulation to the ⚙️Configuration > Regulations page | Edit an existing Regulation | Delete a Regulation |
| SLA Configuration | Access the ⚙️Configuration > SLA Configuration page | Add a new SLA Configuration | Edit an existing SLA Configuration | Delete an SLA Configuration |
| Test Types | n/a | Add a new Test Type (under Engagements > Test Types) | Edit an existing Test Type | n/a |
| Tool Configuration | Access the ⚙️Configuration > Tool Configuration page | Add a new Tool Configuration | Edit an existing Tool Configuration | Delete a Tool Configuration |
| Tool Types | Access the ⚙️Configuration > Tool Types page | Add a new Tool Type | Edit an existing Tool Type | Delete a Tool Type |
| Users | Access the 👤Users > Users page | Add a new User to DefectDojo | Edit an existing User | Delete a User |
  1. Access to the Finding Templates page also requires the Writer, Maintainer or Owner Global Role for this user.

Group Configuration Permissions

| Configuration Permission | Reader / Maintainer / Owner |
|---|---|
| View Group | ☑️☑️☑️ |
| Remove self from Group | ☑️☑️☑️ |
| Edit a Member’s role in a Group | ☑️☑️ |
| Edit or Delete a Product or Product Type Membership from a Group¹ | ☑️☑️ |
| Change a Group Member’s role to Owner | ☑️ |
| Delete Group | ☑️ |
  1. This also requires the User to have at least a Maintainer Role on the Product or Product Type which they wish to edit.