Product User Management
This part of the user guide is dedicated to user management for a certain “Product” as the chapter title suggests.
So, it means that when the user clicks on the “Product” tab on the left screen side, a list of products appears. Then, the user can choose the right product from the list (where the user right should be adjusted) and click on it. The user's list for certain “Product” will be displayed, and now it is just about to find the right one and change the credentials using the “Edit” button (located in the same line as the user whose rights should be adjusted). Choose the best one from the drop-down menu:
Maintainer - the highest privileges possible to assign for the product member. This role is able to manage users for certain “Product”
Writer - these roles cover editing the Product itself, without the possibility to manage the users itself
Reader - it is like auditor role, where users with this privilege are able to check the “Product” but unable to do any changes
None - it represents the same action like user deactivation for certain “Product”
After Clicking on the “Edit” button, a user can manage permission for product members. He can choose from roles “Maintainer”, “Writer”, “Reader” or “none”. If a user chooses the “none” option, the product member will be unassigned from a specific product, in other cases member will get permissions based on the role which will be chosen. By clicking on the button “OK” a user safe new changes for product members.
Roles Reader, Writer or Maintainer maps role inside of SVMP with given permissions:
Remove yourself from Product
Manage Product members
(Re-)Import Scan Result
View Finding Group
Add Finding Group
Edit Finding Group
Delete Finding Group
View Note History
Every user is allowed to delete his own notes
If some of the permissions are not explicitly listed, it means Reader nor Writer has not right for a particular action.