GuidesAPI Reference
Guides

Roles

This section provides comprehensive information about roles and user management in Code Pipes, focusing on RBAC (Role Based Access Control) roles. RBAC roles define the permissions granted to users for various Code Pipes entities, such as organizations, projects, and environments. Users are assigned different roles based on their responsibilities and access requirements within the system.

Suggest Edits

Overview

RBAC roles in Code Pipes determine what actions a user can perform on specific entities. Here are the key roles supported by Code Pipes:

  • Admin: An admin has full control over an entity and its child entities. They can create, update, modify, and delete them.

  • Editor: An editor can view and edit an entity and its child entities, but they cannot delete them.

  • Viewer: A viewer has read-only access to an entity and its child entities. They can view the displayed attributes but cannot make any modifications.

  • Limited: A limited user may have restricted access to certain child entities under a parent entity. The level of access can vary (admin, editor, or viewer) depending on the specific child entity.

Please note that assigning the limited role directly to an entity is not possible. Instead, when a user is granted access to a child entity without access to the parent entity, Code Pipes automatically assigns them limited access to the parent entity for navigation purposes.

Code Pipes Hierarchy and Role Inheritance

Code Pipes entities are organized in the following hierarchy.

             Organization
                   |
            +------+------+
          Proj-1  Proj-2  Proj-n
                   |
                   |
    +----+----+         +----+----+ 
    |    |    |         |    |    | 
  Env-1 Env-2 Env-n  App-1 App-2 App-n
          |__________________|
          |__________________|
          |__________________|

Here are a few examples of role inheritance within this hierarchy:

  • Being an admin for an organization grants admin access to all of its child entities.
  • Having viewer access to an organization and editor access to a project results in editor access to all the project's child entities.
  • If you are an editor for an organization and a viewer for a project, you will still have editor access to that project and its child entities.
  • Having no access to an organization and project but viewer access to an application grants limited access to the project and organization.

Role Assignment and Management

Code Pipes offers various methods for role assignment and management. Here are some examples:

  • When you create an entity, you are automatically assigned the admin role for that entity.
  • If you have admin access to an entity, you can assign specific roles to other users using the CLI (Command Line Interface) or API.

By understanding RBAC roles and utilizing the available management features, you can effectively control user access and permissions within Code Pipes.

Adding members to organisation

org-invite

Adding members to project

project-add-member

Updated about 1 year ago