Skip to content

Setting up user roles

Jump to bottom
Nick DeChant edited this page Jan 13, 2016 · 1 revision

Teletraan supports authentication and authorization with OAuth and Teletraan isssued tokens. Authentication and authorization can be turned on/off in any combination you would like.

To enable either, navigate to the deploy-service/teletraanservice/bin/server.yaml file and uncomment authentication and/or authorization.

Note: Under 'authentication', the 'userDataUrl' is the URL where you query for user info with an OAuth token.

#===============================
# Token based authentication, the token could be OAuth token, or Teletraan
# issued script token
#===============================
authentication:
  type: token
  userDataUrl: https://your-oauth-server.com/
  tokenCacheSpec: maximumSize=1000,expireAfterWrite=10m

#===============================
# Token based authorization, like authentication, the token could be an OAuth
# token or Teletraan issued token
#===============================
authorization:
  type: role
  roleCacheSpec: maximumSize=10000, expireAfterAccess=10m

Right now we give users environment level control in the form of roles:

  • READ: All users have this role. It is unspecified in the Admin Panel as everyone defaults to it. This role allows users to see everything in Teletraan, but the user cannot make any changes or deploy on an environment.

  • OPERATOR: Can change configurations and options as well as deploy for all stages in a specific environment.

  • ADMIN: Can change configurations and options as well as deploy for all stages in a specific environment. Can add/update/delete user permissions for a specific environment.

Here are the steps for assigning role-based permissions for your Teletraan environments:

  1. Navigate to the environment you are interested in adding users to.

  2. Click configure.

  1. Click the 'Admin Panel' button on the left action menu. This will bring you to a page to manage user roles. Only environment ADMINs can make changes here. The original ADMIN is the person who created the environment and will be listed on this page.

  2. To add a new user click 'Add'.

  1. Enter the user's username and select a permission level then click 'Add'.

  1. Click 'Save' when you are finished adding new users.
Clone this wiki locally