Access Control
Flakiness.io uses a role-based access control system to manage permissions across different levels of the application. This guide explains how organizations work and how to manage access rights effectively.
Core Concepts
Section titled “Core Concepts”Key Entities
Section titled “Key Entities”| Entity | Description |
|---|---|
| Users | Individuals who authenticate via GitHub |
| Organizations | Groups of users with shared permissions |
| Projects | Test data containers associated with organizations |
| Deployment | A flakiness.io instance (cloud or self-hosted) |
Role Hierarchy
Section titled “Role Hierarchy”Access control in flakiness.io operates at three levels:
- Deployment-level roles
- Organization roles
- Project roles
Role Types & Permissions
Section titled “Role Types & Permissions”Deployment Roles
Section titled “Deployment Roles”SuperAdmin
- Full deployment access
- Can create/modify/delete organizations
- Can assign Organization Admins
- Has access to deployment health statistics
- Can access deployment backoffice
Organization Roles
Section titled “Organization Roles”Org Admin
- Full organization control:
- Manage organization settings
- Add/remove users
- Assign member roles
- Create/delete projects
- Automatically receives Editor role for all projects
Org Member
- Basic organization access:
- Automatically receives Viewer access to all projects
- Can view organization details
Project Roles
Section titled “Project Roles”Editor
- Full project control:
- Modify project visibility
- Manage contributors
- Add/delete test results
- Access read-write project tokens
- Delete project
Viewer
- Read-only access:
- View test results
- Access test history
- View project statistics
Project Visibility
Section titled “Project Visibility”Projects can be set to one of two visibility levels:
| Visibility | Access |
|---|---|
| Public | Anyone (including non-logged users) gets Viewer access |
| Private | Only organization members can access; others receive 404 |
License Considerations
Section titled “License Considerations”Important notes about organization membership:
- External users can be given project roles
- All users (internal and external) consume organization license seats
- Project roles do not override organization-level restrictions
Best Practices
Section titled “Best Practices”- Start with a clear organization structure
- Use project visibility strategically
- Regularly audit user access
- Assign minimum necessary permissions
- Consider license implications when adding external users