Access Control

Access control in RIPS is done separately for every application. This can be managed, with the same options, for users or for teams.  You are able to provide access for users and teams in which one positive access result is sufficient enough to grant access. That means that if the user's team has no access but he itself has access to the application he is granted access regardless (and vice versa). Chief (admin) users always have full control over every application (see Privileged Users for more information).

The following access rights are supported for both users and teams:

  • View: Allows to view this application and all associated entries (scans, issues, etc.).
  • Scan: Allows to start new scans of this application.
  • Edit: Allows to edit the applications settings and reviews of issues.
  • Create: Allows to create comments for issues of this application.
  • Delete: Allows to delete scans and comments of this application.
  • Manage: Allows to manage this application and the applications access control.

In order to add access rights for a user / team you can just use the Add/Remove Existing Users section. Removing an entry is done by clicking on the cross in the table below.