kitos 07c6164ceb fix(permissions): hide action buttons for unauthorized roles ...

TestCatalogPage: 'Use Template' button had no role check — any user
(including viewer/blue_tech/red_tech) could see and click it, which
would fail at the backend (POST /tests/from-template requires
red_lead|blue_lead). Added canUseTemplate check; button hidden for
viewer, blue_tech, red_tech.

TechniqueDetailPage: 'Run This Test' / 'Re-run' buttons in the
Available Templates section also had no role check. Added canRunTemplate
(same criteria: admin|red_lead|blue_lead). The 'View test' button for
active tests remains visible to everyone (read-only navigation).

Principle: if a user cannot perform the action, the button does not
appear — no permission error messages, just absence of the control.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

2026-05-29 15:47:08 +02:00

..

AuditLogPage.tsx

fix(audit): show UTC suffix on timestamp display

2026-05-19 13:05:08 +02:00

CampaignDetailPage.tsx

fix(ui): make all Jira and time panels read-only everywhere

2026-05-29 11:33:55 +02:00

CampaignsPage.tsx

feat(phase-39): role-based access control overhaul + forced password change

2026-02-18 10:37:02 +01:00

ComparisonPage.tsx

fix: D3FEND expandable cards, System page cleanup, and multi-source improvements

2026-02-10 13:22:23 +01:00

CompliancePage.tsx

feat(compliance): add DORA (EU 2022/2554) framework with ATT&CK mappings

2026-05-29 13:52:51 +02:00

DashboardPage.tsx

feat(snapshots): evolution API, tactic breakdown and dashboard trend chart [FASE-5.2]

2026-05-18 15:07:12 +02:00

DataSourcesPage.tsx

feat(phase-22): add import services for Sigma, LOLBAS, GTFOBins, CALDERA, Elastic and data sources panel (T-203 to T-207)

2026-02-09 16:19:44 +01:00

ExecutiveDashboardPage.tsx

feat(dashboard): auto-compute risk scores + refresh button on Critical Gaps

2026-05-28 15:58:49 +02:00

LoginPage.tsx

fix: D3FEND ontology-based import, template management UX, and branding

2026-02-10 15:53:24 +01:00

MatrixPage.tsx

feat(phase-27): add advanced ATT&CK Navigator-style heatmap with layers, filters and export (T-221 to T-223)

2026-02-09 17:16:59 +01:00

ReportsPage.tsx

feat(phase-19): add remediation fields and reports system (T-130, T-131)

2026-02-09 13:58:35 +01:00

ReviewQueuePage.tsx

feat(review-queue): MITRE update review queue for leads

2026-05-29 08:58:32 +02:00

SettingsPage.tsx

fix(jira,evidence,tempo,settings): 4-issue fix batch

2026-05-28 11:06:31 +02:00

SystemPage.tsx

fix(qa): CSP hash, remove pencil icon, fetch full template on modal open

2026-05-19 12:53:02 +02:00

TechniqueDetailPage.tsx

fix(permissions): hide action buttons for unauthorized roles

2026-05-29 15:47:08 +02:00

TechniquesPage.tsx

fix(auth,frontend): secure cookie HTTP fix, technique links y CSP

2026-05-19 09:28:39 +02:00

TestCatalogPage.tsx

fix(permissions): hide action buttons for unauthorized roles

2026-05-29 15:47:08 +02:00

TestCreatePage.tsx

feat: production deployment setup and hardcoded URL fixes

2026-02-10 16:04:16 +01:00

TestDetailPage.tsx

fix(tests): move showTemplateModal useState before early returns (React #310)

2026-05-29 13:29:17 +02:00

TestsPage.tsx

feat(tests): add Validated Tests as dedicated page, remove duplicate sidebar entry

2026-05-28 17:18:21 +02:00

ThreatActorDetailPage.tsx

feat(frontend): render markdown in description and summary fields

2026-05-29 08:38:53 +02:00

ThreatActorsPage.tsx

feat(phase-23): add Threat Actor profiles with MITRE CTI import, API, heatmap and gap analysis (T-208 to T-212)

2026-02-09 16:27:38 +01:00

UsersPage.tsx

feat(phase-39): role-based access control overhaul + forced password change

2026-02-18 10:37:02 +01:00

ValidatedTestsPage.tsx

feat(tests): add Validated Tests as dedicated page, remove duplicate sidebar entry

2026-05-28 17:18:21 +02:00