Page tree
Skip to end of metadata
Go to start of metadata

Roles allow administrators to apply a specified set of permissions to individual users and groups, allowing administrators to specify exactly what each user can see and do. Each user or group can have multiple roles.

 

The Roles page can be found in the administration menu under Security. The roles page lists all the roles in Continua and allows you to create, edit and delete them.

Permission Grouping

Permissions in Continua have been grouped so that if you apply a certain permission, any other necessary permissions are automatically included. For example, if you grant someone access to Edit configuration, they automatically receive access to View configurations as well. Also included with Edit configuration are all the Build Permissions, as a build is an extension of a configuration.

Any of these included permissions can be overridden in the Access Control section.

Permission Definitions

NameIncludesAccess Granted
AdministratorAll permissionsAccess to the entire administration section and every other aspect of Continua. Administrators are the only users that can modify global security settings
Manage CI ServerManage CI agents, all config. and build permissions

Access to the Continuous Integration Administration section. Users need this permission to modify CI properties and set CI Issue Connectors.

This also includes agent management and all configuration and build functionality. (Note this permission does not include view project which is required to view configurations)

Manage CI Agents Access to the Agent administration section. Allows the user to authorise/deauthorise agents and delete agents
Project AdministratorAll project permissionsAccess to the Project security section. Also allows the user to create, edit and delete projects.
View Project Can see projects but cannot change any project settings.
Edit ProjectView projectCan modify any settings on existing projects. This does not grant access to the project security section.
Create ProjectEdit project, view projectCan create new projects and edit existing projects. This does not grant access to the project security section.
Delete ProjectEdit project, view projectCan delete existing projects and edit existing projects. This does not grant access to the project security section.
Configuration AdministratorAll configuration and build permissionsGrants full permission to configurations and builds. This also includes access to the configuration security section. (Note: to be able to view/modify a configuration, a user must also have View Project permissions on the configuration's parent project)
View Configuration Can see configurations and builds but cannot edit either the configuration or it's builds. This permission does not allow users to start or stop builds (Note: to be able to view/modify a configuration, a user must also have View Project permissions on the configuration's parent project)
Edit ConfigurationView Configuration, All build permissionsCan modify any settings on existing configurations. This does not grant access to the configuration security section. This also includes all build permissions. (Note: to be able to view/modify a configuration, a user must also have View Project permissions on the configuration's parent project)
Create ConfigurationEdit configuration, view configuration and all build permissionsCan create new configurations and edit existing configurations, including all build actions. This does not grant access to the configuration security section. (Note: to be able to view/modify a configuration, a user must also have View Project permissions on the configuration's parent project)
Delete ConfigurationEdit configuration, view configuration and all build permissionsCan delete and edit existing configurations. This does not grant access to the configuration security section. This also includes all build permissions. (Note: to be able to view/modify a configuration, a user must also have View Project permissions on the configuration's parent project)
Start Build Can start builds. (Note: to be able to view builds, a user must also have view configuration permissions on the build's configuration)
Stop Build Can stop builds. (Note: to be able to view builds, a user must also have view configuration permissions on the build's configuration)
Promote Stage Can promote a build to the next stage. (Note: to be able to view builds, a user must also have view configuration permissions on the build's configuration)
View/Download Artifacts Can view and download artifacts generated by a build. (Note: to be able to view builds, a user must also have view configuration permissions on the build's configuration)
Pin/Unpin Build Can pin and unpin builds. (Note: to be able to view builds, a user must also have view configuration permissions on the build's configuration)
Add Comment Can add and edit comments to builds. (Note: to be able to view builds, a user must also have view configuration permissions on the build's configuration)
Tag Builds Can tag builds. (Note: to be able to view builds, a user must also have view configuration permissions on the build's configuration)

 

Creating & Editing a Role

The permissions list contains every single permission in Continua grouped by category. All permissions that are selected will be applied to the selected role. If a permission is grayed out, then this permission is being included from another permission. For example, if edit configuration is selected then view configuration will also be selected as view is required to edit.

If a checkbox in the category header is selected then it will automatically check every permission in that category.

Once a role has been created it can then be linked to users and groups in the Access Control section

Deleting Roles

When a role is deleted, all associated permissions are deleted with it. This means that deleting a role will strip it's permissions from any users associated to that role.

 

  • No labels