From 7e3ae902b207745e7dec91837f8b9204f8956410 Mon Sep 17 00:00:00 2001 From: Rashi J Date: Mon, 22 Sep 2025 18:03:00 +0530 Subject: [PATCH 1/4] AIGOV-135 allow dataset link/unlink in model [beta] --- .../policy_cache_transformer_persona.json | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/addons/static/templates/policy_cache_transformer_persona.json b/addons/static/templates/policy_cache_transformer_persona.json index 75aa2497141..6d7edf050f5 100644 --- a/addons/static/templates/policy_cache_transformer_persona.json +++ b/addons/static/templates/policy_cache_transformer_persona.json @@ -1160,6 +1160,23 @@ "end-two-entity:*" ], "actions": ["add-relationship", "update-relationship", "remove-relationship"] + }, + { + "policyType": "ACCESS", + "policyResourceCategory": "RELATIONSHIP", + "description": "Link/unlink datasets to this AIModel", + "resources": [ + "relationship-type:*", + + "end-one-entity-type:AIModel", + "end-one-entity-classification:*", + "end-one-entity:*", + + "end-two-entity-type:Process", + "end-two-entity-type:ProcessExecution", + "end-two-entity:*" + ], + "actions": ["add-relationship", "remove-relationship"] } ], "persona-ai-model-delete": [ From c32ac56952e03ea326586b1f7ca03728995348e0 Mon Sep 17 00:00:00 2001 From: Rashi J Date: Mon, 22 Sep 2025 21:38:12 +0530 Subject: [PATCH 2/4] add-remove relation doesn't help, use entity update/delete process --- .../policy_cache_transformer_persona.json | 14 +++----------- 1 file changed, 3 insertions(+), 11 deletions(-) diff --git a/addons/static/templates/policy_cache_transformer_persona.json b/addons/static/templates/policy_cache_transformer_persona.json index 6d7edf050f5..a0c20c8a2b5 100644 --- a/addons/static/templates/policy_cache_transformer_persona.json +++ b/addons/static/templates/policy_cache_transformer_persona.json @@ -1164,19 +1164,11 @@ { "policyType": "ACCESS", "policyResourceCategory": "RELATIONSHIP", - "description": "Link/unlink datasets to this AIModel", + "description": "Add/remove datasets to this AIModel", "resources": [ - "relationship-type:*", - - "end-one-entity-type:AIModel", - "end-one-entity-classification:*", - "end-one-entity:*", - - "end-two-entity-type:Process", - "end-two-entity-type:ProcessExecution", - "end-two-entity:*" + "entity-type:Process" ], - "actions": ["add-relationship", "remove-relationship"] + "actions": ["entity-update", "entity-delete"] } ], "persona-ai-model-delete": [ From e9495071e0e6df5a8f2d8f47b05ac05e5ccdf950 Mon Sep 17 00:00:00 2001 From: Rashi J Date: Mon, 22 Sep 2025 22:24:01 +0530 Subject: [PATCH 3/4] add-remove relation both ways --- .../policy_cache_transformer_persona.json | 38 +++++++++++++++++-- 1 file changed, 35 insertions(+), 3 deletions(-) diff --git a/addons/static/templates/policy_cache_transformer_persona.json b/addons/static/templates/policy_cache_transformer_persona.json index c16c15be18f..10fb17eb39a 100644 --- a/addons/static/templates/policy_cache_transformer_persona.json +++ b/addons/static/templates/policy_cache_transformer_persona.json @@ -1164,11 +1164,43 @@ { "policyType": "ACCESS", "policyResourceCategory": "RELATIONSHIP", - "description": "Add/remove datasets to this AIModel", "resources": [ - "entity-type:Process" + "relationship-type:*", + "end-one-entity-type:AIModel", + "end-one-entity-classification:*", + "end-one-entity:*", + "end-one-entity:{entity}/*", + + "end-two-entity-type:Catalog", + "end-two-entity-type:Connection", + "end-two-entity-type:Process", + "end-two-entity-type:Namespace", + "end-two-entity-type:ProcessExecution", + "end-two-entity-classification:*", + "end-two-entity:*" ], - "actions": ["entity-update", "entity-delete"] + "actions": ["add-relationship", "remove-relationship"] + }, + { + "policyType": "ACCESS", + "policyResourceCategory": "RELATIONSHIP", + "resources": [ + "relationship-type:*", + + "end-one-entity-type:Catalog", + "end-one-entity-type:Connection", + "end-one-entity-type:Process", + "end-one-entity-type:Namespace", + "end-one-entity-type:ProcessExecution", + "end-one-entity-classification:*", + "end-one-entity:*", + + "end-two-entity-type:AIModel", + "end-two-entity-classification:*", + "end-two-entity:*", + "end-two-entity:{entity}/*" + ], + "actions": ["add-relationship", "remove-relationship"] } ], "persona-ai-model-delete": [ From 12e37fbab0786d393f3e42cc374a5fd27d9e6b90 Mon Sep 17 00:00:00 2001 From: Rashi J Date: Tue, 23 Sep 2025 12:36:01 +0530 Subject: [PATCH 4/4] process create/delete --- .../templates/policy_cache_transformer_persona.json | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/addons/static/templates/policy_cache_transformer_persona.json b/addons/static/templates/policy_cache_transformer_persona.json index 10fb17eb39a..93b4d3f3b2b 100644 --- a/addons/static/templates/policy_cache_transformer_persona.json +++ b/addons/static/templates/policy_cache_transformer_persona.json @@ -1201,6 +1201,16 @@ "end-two-entity:{entity}/*" ], "actions": ["add-relationship", "remove-relationship"] + }, + { + "policyResourceCategory": "ENTITY", + "policyType": "ACCESS", + "resources": [ + "entity:*", + "entity-type:Process", + "entity-classification:*" + ], + "actions": ["entity-create", "entity-update", "entity-delete"] } ], "persona-ai-model-delete": [