Approval Rules Vulnerability Response

divyayadav
Tera Contributor

Its an observation that when we use script to get approvers in approval rules of vulnerability response application , its not validating roles of given approver basis module(VR or AVR).

we need to provide sn_vul.exception_approver,sn_vul.app_exception_approver,sn_vul.read_all,sn_vul.app_read_all to user even if he only has to approve application vulnerable item's exception.

Is this a bug? Anybody else identified?

 

1 REPLY 1

mgroversigital
Tera Expert

I'm experiencing the same issue for some scripted approvals, although it doesn't seem to require the read_all roles.  Did you ever find a solution to this issue other than adding the roles to a large number of users/groups?