feat: Add initial scope checks via decorators (#7737)

packages/cli/src/permissions/roles.ts

@@ -7,11 +7,17 @@ export const ownerPermissions: Scope[] = [
 	'workflow:delete',
 	'workflow:list',
 	'workflow:share',
+	'tag:create',
+	'tag:read',
+	'tag:update',
+	'tag:delete',
+	'tag:list',
 	'user:create',
 	'user:read',
 	'user:update',
 	'user:delete',
 	'user:list',
+	'user:resetPassword',
 	'credential:create',
 	'credential:read',
 	'credential:update',
@@ -26,17 +32,35 @@ export const ownerPermissions: Scope[] = [
 	'sourceControl:pull',
 	'sourceControl:push',
 	'sourceControl:manage',
-	'externalSecretsStore:create',
-	'externalSecretsStore:read',
-	'externalSecretsStore:update',
-	'externalSecretsStore:delete',
-	'externalSecretsStore:list',
-	'externalSecretsStore:refresh',
-	'tag:create',
-	'tag:read',
-	'tag:update',
-	'tag:delete',
-	'tag:list',
+	'externalSecretsProvider:create',
+	'externalSecretsProvider:read',
+	'externalSecretsProvider:update',
+	'externalSecretsProvider:delete',
+	'externalSecretsProvider:list',
+	'externalSecretsProvider:sync',
+	'externalSecret:list',
+	'orchestration:read',
+	'orchestration:list',
+	'communityPackage:install',
+	'communityPackage:uninstall',
+	'communityPackage:update',
+	'communityPackage:list',
+	'ldap:manage',
+	'ldap:sync',
+	'saml:manage',
+	'eventBusEvent:create',
+	'eventBusEvent:read',
+	'eventBusEvent:update',
+	'eventBusEvent:delete',
+	'eventBusEvent:list',
+	'eventBusEvent:query',
+	'eventBusEvent:create',
+	'eventBusDestination:create',
+	'eventBusDestination:read',
+	'eventBusDestination:update',
+	'eventBusDestination:delete',
+	'eventBusDestination:list',
+	'eventBusDestination:test',
 ];
 export const adminPermissions: Scope[] = ownerPermissions.concat();
 export const memberPermissions: Scope[] = [
@@ -47,4 +71,8 @@ export const memberPermissions: Scope[] = [
 	'tag:read',
 	'tag:update',
 	'tag:list',
+	'eventBusEvent:list',
+	'eventBusEvent:read',
+	'eventBusDestination:list',
+	'eventBusDestination:test',
 ];