DefectDojo
diff --git a/‎docs/assets/images/odic.png‎ ‎docs/assets/images/oidc.png‎docs/assets/images/odic.png renamed to docs/assets/images/oidc.png b/‎docs/assets/images/odic.png‎ ‎docs/assets/images/oidc.png‎docs/assets/images/odic.png renamed to docs/assets/images/oidc.png
diff --git a/‎docs/assets/images/pro_permissions.png‎
118 KB b/‎docs/assets/images/pro_permissions.png‎
118 KB
diff --git a/‎docs/assets/images/pro_permissions_2.png‎
171 KB b/‎docs/assets/images/pro_permissions_2.png‎
171 KB
diff --git a/‎docs/assets/images/view_history_ui.png‎
272 KB b/‎docs/assets/images/view_history_ui.png‎
272 KB
diff --git a/‎docs/config/_default/hugo.toml‎
Lines changed: 1 addition & 1 deletion b/‎docs/config/_default/hugo.toml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎docs/content/en/changelog/changelog.md‎
Lines changed: 2 additions & 2 deletions b/‎docs/content/en/changelog/changelog.md‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎docs/content/en/customize_dojo/user_management/about_perms_and_roles.md‎
Lines changed: 4 additions & 2 deletions b/‎docs/content/en/customize_dojo/user_management/about_perms_and_roles.md‎
Lines changed: 4 additions & 2 deletions
diff --git a/‎docs/content/en/customize_dojo/user_management/audit_logging.md‎
Lines changed: 30 additions & 0 deletions b/‎docs/content/en/customize_dojo/user_management/audit_logging.md‎
Lines changed: 30 additions & 0 deletions
diff --git a/‎docs/content/en/customize_dojo/user_management/create_user_group.md‎
Lines changed: 1 addition & 1 deletion b/‎docs/content/en/customize_dojo/user_management/create_user_group.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎docs/content/en/customize_dojo/user_management/pro_permissions_overhaul.md‎
Lines changed: 21 additions & 0 deletions b/‎docs/content/en/customize_dojo/user_management/pro_permissions_overhaul.md‎
Lines changed: 21 additions & 0 deletions
@@ -3,7 +3,7 @@ baseurl = "http://localhost/"
 canonifyURLs = false
 disableAliases = true
 disableHugoGeneratorInject = true
-# disableKinds = ["taxonomy", "term"]
+disableKinds = ["taxonomy", "term"]
 enableEmoji = true
 enableGitInfo = false
 enableRobotsTXT = true
 
@@ -14,9 +14,9 @@ For Open Source release notes, please see the [Releases page on GitHub](https://
 
 - **(Beta UI)** Added a field in the View Engagement page which allows a user to navigate to the linked Jira Epic, if one exists.
 - **(Universal Parser)** XML is now a supported file type for Universal Parser.
-- **(SSO)** SSO can now be set up with any kind of [OIDC Configuration](https://auth0.com/docs/authenticate/protocols/openid-connect-protocol).  See ODIC Settings in the Beta UI:
+- **(SSO)** SSO can now be set up with any kind of [OIDC Configuration](https://auth0.com/docs/authenticate/protocols/openid-connect-protocol).  See OIDC Settings in the Beta UI:
 
-![image](images/odic.png)
+![image](images/oidc.png)
 
 ### Mar 3, 2025: v2.44.0
 
 
@@ -1,11 +1,13 @@
 ---
-title: "User permissions & Roles"
+title: "Permissions in DefectDojo"
 description: "Summary of all DefectDojo permission options, in detail"
-weight: 1
+weight: 2
 ---
 
 If you have a team of users working in DefectDojo, it's important to set up Role\-Based Access Control (RBAC) appropriately so that users can only access specific data. Security data is highly sensitive, and DefectDojo's options for access control allow you to be specific about each team member’s access to information.
 
+This article is an overview of how permissions in DefectDojo work.  If you would prefer to see a detailed breakdown of **each action** that can be controlled by Permissions, see our **[Permissions Chart](../user_permission_chart/)** article.
+
 ## Types of Permissions
 
 DefectDojo manages four different kinds of permissions:
 
@@ -0,0 +1,30 @@
+---
+title: "Audit Logs"
+description: "Access audit logs for DefectDojo objects"
+weight: 1
+---
+
+Audit logs for DefectDojo can be accessed in a few different ways.
+
+## Individual Object Logs
+* DefectDojo objects each have an associated Object History, which can be accessed through the UI.  These histories are recorded for Products, Engagements, Tests, Findings and Endpoints, as well as Risk Acceptances.
+
+In the Classic (Open-Source) UI, this history is found under the '☰' (hamburger) menu on an object.  In the Pro UI, this history is found under the blue '⚙️' (gear) menu for the object in question.
+
+![image](images/view_history_ui.png)
+
+## Object History Endpoint (Pro Only)
+
+<span style="background-color:rgba(242, 86, 29, 0.3)">DefectDojo Pro</span> users have access to a `/history` API path for these objects to view similar data.  For example: `/api/v2/findings/{id}/history/`.
+
+## Audit Log Endpoint (Pro Only)
+
+<span style="background-color:rgba(242, 86, 29, 0.3)">DefectDojo Pro</span> users also have access to a dedicated `/audit_log` endpoint for their entire instance.  This log can only be accessed by users or API tokens with superuser permissions.
+
+This API returns 31 days of audit logs.
+
+* Sending default or empty parameters will return the last 31 days of audit logs.
+* Parameter `window_month` which will take a month and year in the format MM-YYYY and provide the audit logs for that month.
+* You can set the `window_start` parameter to limit these logs to a shorter window, rather than returning the entire month.
+
+For more information, see the API documentation, located in your instance: `your-instance.cloud.defectdojo.com/api/v2/oa3/swagger-ui/`
@@ -1,5 +1,5 @@
 ---
-title: "Create a User Group for shared permissions"
+title: "Share permissions: User Groups"
 description: "Share and maintain permissions for many users"
 weight: 3
 ---
 
@@ -0,0 +1,21 @@
+---
+title: "🟧 Set Permissions in Pro"
+description: "Overhaul, pro feature"
+weight: 3
+---
+
+Permissions in <span style="background-color:rgba(242, 86, 29, 0.3)">DefectDojo Pro</span> have been simplified, to make it easier to assign object access.  This feature can be accessed through the [Beta UI](/en/about_defectdojo/ui_pro_vs_os/).
+
+### Opening the Permissions window 
+
+![image](images/pro_permissions.png)
+
+When looking at Product Type or Product, you can open the Permissions window to set permissions quickly.  This menu can be found in a Table by clicking the horizontal dots **"⋮"**.  IF looking at an individual **Product** or **Product Type** page, this menu can be found under the blue gear ‘⚙️’.
+
+## Setting Permissions through the permissions window
+
+![image](images/pro_permissions_2.png)
+
+1. At the top of this window, you can choose to manage permissions for an individual user or for a [user group](../create_user_group).
+2. Here, you can select a user or group to add to the Product, and select  the [Role](../about_perms_and_roles) that you want that user to have.
+3. On the lower table, you can see a list of all users or groups who have access to this object.  You can also quickly assign a new role for one of these users or groups from the drop-down menu.