
Feature Request: Granular Case Permissions — Allow Write Access Without Delete Permission

Open Scriptception opened this issue 1 month ago • 0 comments

Description: Currently, DFIR-IRIS case access control allows for three levels: "deny_all," "read_only," and "full_access." However, "full_access" also grants users permission to delete cases, which poses a risk in collaborative environments. There is no way to allow users to contribute (add notes, attach evidence, update the case) while preventing them from deleting the case itself.

Feature Request: Introduce granular permission controls for cases, such as:

  • A "contribute" or "write" permission that allows users to add notes, evidence, comments, and update case details.
  • A "delete" permission that is separate from "contribute," so only designated admins or roles can remove or close cases.
  • Ideally, allow custom role definitions for more flexible access management.

Use Case: This is critical for teams where many analysts contribute to cases, but only admins should have authority to delete or close cases to prevent accidental or malicious data loss.

Additional Context: This feature would enhance IRIS usability and safety in enterprise environments and aligns with least-privilege security best practices.

Scriptception • Nov 18 '25 02:11
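
The permission split requested above, sketched as an added example (not part of the issue and not DFIR-IRIS code). The three existing level names come from the issue; the `CasePerm` bits, the `contribute` level, the action names, `define_role` and the rule that `deny_all` overrides other grants are assumptions made for illustration.

```python
from enum import IntFlag
from functools import reduce

class CasePerm(IntFlag):
    """Hypothetical granular case permissions (illustrative, not IRIS's enum)."""
    NONE = 0
    READ = 1
    CONTRIBUTE = 2   # add notes, evidence, comments, update case details
    CLOSE = 4
    DELETE = 8

# The three levels named in the issue, plus the proposed "contribute" level.
ROLES = {
    "deny_all": CasePerm.NONE,
    "read_only": CasePerm.READ,
    "full_access": CasePerm.READ | CasePerm.CONTRIBUTE | CasePerm.CLOSE | CasePerm.DELETE,
    "contribute": CasePerm.READ | CasePerm.CONTRIBUTE,  # write without delete/close
}

# Hypothetical action names; each maps to the single permission it requires.
ACTION_REQUIRES = {
    "view_case": CasePerm.READ,
    "add_note": CasePerm.CONTRIBUTE,
    "attach_evidence": CasePerm.CONTRIBUTE,
    "update_case": CasePerm.CONTRIBUTE,
    "close_case": CasePerm.CLOSE,
    "delete_case": CasePerm.DELETE,
}

def define_role(name, *perms):
    """Register a custom role; refuse to silently redefine an existing one."""
    if name in ROLES:
        raise ValueError(f"role {name!r} already exists")
    ROLES[name] = reduce(lambda a, b: a | b, perms, CasePerm.NONE)

def is_allowed(role_names, action):
    """Fail closed: unknown actions, unknown roles and an explicit deny_all all deny."""
    required = ACTION_REQUIRES.get(action)
    if required is None or "deny_all" in role_names:
        return False
    granted = CasePerm.NONE
    for name in role_names:
        granted |= ROLES.get(name, CasePerm.NONE)
    return (granted & required) == required

if __name__ == "__main__":
    for action in ACTION_REQUIRES:
        print(f"contribute -> {action}: {is_allowed(['contribute'], action)}")
```
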