django-DefectDojo
Privilege segregation for viewer or a separate privilege for closing the vulnerability
When I create credentials for users from different departments, I give them the viewer permission. In this case, the viewer has the right to comment on each and every vulnerability. In certain cases, I want the viewer to close the vulnerability by attaching the evidence. To close the vulnerability, I have to give the user the moderator or any other permission that allows closing the finding. But along with the close finding option, the user also gets the edit vulnerability privilege, and this is not required except for the analyst who is adding the vulnerability or the admin.
Suggested solution: It would be great if there were a separate user privilege with close and view finding, or a separate option when creating the user to choose whether he can edit the vulnerability or not, so that we can make sure the integrity of the vulnerability is not impacted at any cost.