-
Notifications
You must be signed in to change notification settings - Fork 34
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add docs for user roles #3099
Add docs for user roles #3099
Conversation
When incorporating a user into your project, it's crucial to assign them the appropriate role based on their responsibilities and required access levels. | ||
Minder currently offers the following roles: | ||
|
||
- `viewer`: Provides read-only access to the project. Users with this role can view associated resources such as enrolled repositories, rule types, and profiles. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think they can also see the status of rule evaluations, right?
Minder currently offers the following roles: | ||
|
||
- `viewer`: Provides read-only access to the project. Users with this role can view associated resources such as enrolled repositories, rule types, and profiles. | ||
- `editor`: Grants the same permissions as the viewer role, along with the ability to edit project resources, excluding the project itself and the list of providers. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How about "in addition to the viewer permissions, editors can author profiles and rule types, as well as add resources to manage. Editors cannot enroll additional providers or change or delete projects."
|
||
- `viewer`: Provides read-only access to the project. Users with this role can view associated resources such as enrolled repositories, rule types, and profiles. | ||
- `editor`: Grants the same permissions as the viewer role, along with the ability to edit project resources, excluding the project itself and the list of providers. | ||
- `admin`: Grants administrator rights on the project. Users with this role have the same permissions as editor and can also modify the project and associated providers. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do you want to say "full permissions" here? Maybe also mention that administrators can add and remove users from other roles?
- `viewer`: Provides read-only access to the project. Users with this role can view associated resources such as enrolled repositories, rule types, and profiles. | ||
- `editor`: Grants the same permissions as the viewer role, along with the ability to edit project resources, excluding the project itself and the list of providers. | ||
- `admin`: Grants administrator rights on the project. Users with this role have the same permissions as editor and can also modify the project and associated providers. | ||
- `policy_writer`: Allows users to create rule types and profiles. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is this also granted by editor? Might be worth contrasting the two.
c50c89d
to
1631790
Compare
1631790
to
d6e5dbe
Compare
Summary
Change Type
Mark the type of change your PR introduces:
Testing
Outline how the changes were tested, including steps to reproduce and any relevant configurations.
Attach screenshots if helpful.
Review Checklist: