User Access Control#

The portal uses GitHub for Authentication. It identifies users by their GitHub username. All users must have a GitHub account.

The portal integrates with GitHub using the OAuth2 API. When first accessing the portal you will be redirected to GitHub log in. After logging in you will be redirected back to the portal. The portal itself does not have access to your GitHub password. See Sign in.

For REST API access the portal identifies users using an access token (see REST API Authentication). These can be created on the portal. Access tokens are bound to a user and can be revoked by the user at any time. Authenticating with with an access token grants the same access rights as authenticating with GitHub. If a user has their permissions changed, or the user is removed, the access token will also be affected immediately.

Granting access to the portal#

Access to the portal can be granted/removed/modified by users with Admin access.

The roles Read, Write, and Admin are granted by adding the user to the GitHub repository with that level of access. See the GitHub documentation.

Admins can add a user with Manual control only access using the admin page of the portal:

_images/add-manual-control-user.png

Stb-tester support are not able to grant access to your portal as we are not able to verify any requests to do so. If you need access to your portal please contact someone in your organisation who has Admin access.

Access Roles#

There are 4 defined access roles (in increasing order of access):

  • Manual control only - Can:
    • View live video from any node over WebRTC and JPEG snapshots

    • Use the manual control to send keypresses to any node

    • See the status of any node including which tests are running

    • See the list of GitHub branches - but not their contents

    • See any remote control from any branch

    • See a list of all nodes

    • Download live screenshots, but not save them to the object repository.

  • Read - Can do everything a Manual control only user can do, plus:
    • View and clone your GitHub repository

    • Run any test from any branch

    • Stop any running test

    • Reserve nodes

    • Interrupt a reservation from any user on any node

    • View all test results

    • View the object repository, but not update it

    • Create and delete REST API access tokens

  • Write - Can do everything a Read user can do plus:
    • Push to your GitHub repository including modifying any test-script, remote control, or configuration file.

    • Update the object repository

    • Create page objects

    • Save live screenshots to the object repository

    • Update configuration files including node friendly names and secrets.

  • Admin - Can do everything a Write user can do plus:
    • List all users and their access levels

    • Add users (via GitHub) or Manual control users (via the portal)

    • Modify the access level of other users