Description
Is your enhancement request related to a problem? Please describe.
During tests we noticed that "Scan all packages" is not available to staff users with Engineering or Data Administration role. Instead it is only available to superusers. Given that SBOMs are oftentimes missing information, such as the download URL, scanning needs to be done after running "Improve Packages from PurlDB". If the option "Scan all packages" is not available, this would greatly complicate daily work.
dejacode/product_portfolio/views.py
Lines 704 to 712 in e80db0e

    include_scancodeio_features = all(
        [
            scancodeio.is_configured(),
            user.is_superuser,
            dataspace.enable_package_scanning,
            context["is_user_dataspace"],
        ]
    )
    context["has_scan_all_packages"] = include_scancodeio_features

dejacode/product_portfolio/views.py
Lines 1965 to 1970 in e80db0e

    conditions = [
        scancodeio.is_configured(),
        user.is_superuser,
        user_dataspace.enable_package_scanning,
        user_dataspace.name == dataspace,
    ]

Unless there is a reason I am not aware of why this functionality is limited to superusers, I would suggest that being a staff user with a suitable role should be enough of a restriction to limit who can trigger that functionality.
What are the benefits of the requested enhancement?
All packages could be scanned after using "Improve Packages from PurlDB" to add download URLs to packages in the inventory.
Describe the solution you would like
Access should not be limited to superusers but instead to staff users with a suitable role.
Additional notes
n.a.
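
The requested change, sketched as one shared predicate that both views quoted above could call, so the two copies of the check cannot drift apart. This is an added example, not DejaCode's code: `User`, `Dataspace`, `SCAN_ROLES` and `can_scan_all_packages` are hypothetical names, and modelling roles as a set of role names is an assumption.

```python
from dataclasses import dataclass, field

# Role names taken from the issue text; how DejaCode actually stores roles
# (groups, permissions, ...) is an assumption of this sketch.
SCAN_ROLES = frozenset({"Engineering", "Data Administration"})


@dataclass(frozen=True)
class Dataspace:
    name: str
    enable_package_scanning: bool = False


@dataclass(frozen=True)
class User:
    dataspace: Dataspace
    is_staff: bool = False
    is_superuser: bool = False
    roles: frozenset = field(default_factory=frozenset)


def can_scan_all_packages(user, target_dataspace_name, scancodeio_configured):
    """Deny by default; every condition must hold, as in the original checks."""
    # Superusers keep access; staff need at least one allow-listed role.
    # A role without the staff flag is not enough.
    privileged = user.is_superuser or (
        user.is_staff and bool(user.roles & SCAN_ROLES)
    )
    return all(
        [
            scancodeio_configured,
            privileged,
            user.dataspace.enable_package_scanning,
            # Tenant boundary kept from the original: own dataspace only.
            user.dataspace.name == target_dataspace_name,
        ]
    )
```
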