User Access Control#
The portal uses GitHub for Authentication. It identifies users by their GitHub username. All users must have a GitHub account.
The portal integrates with GitHub using the OAuth2 API. When first accessing the portal you will be redirected to GitHub log in. After logging in you will be redirected back to the portal. The portal itself does not have access to your GitHub password. See Sign in.
For REST API access the portal identifies users using an access token (see REST API Authentication). These can be created on the portal. Access tokens are bound to a user and can be revoked by the user at any time. Authenticating with with an access token grants the same access rights as authenticating with GitHub. If a user has their permissions changed, or the user is removed, the access token will also be affected immediately.
Granting access to the portal#
Access to the portal can be granted/removed/modified by users with Admin access.
The roles Read, Write, and Admin are granted by adding the user to the GitHub repository with that level of access. See the GitHub documentation.
Admins can add a user with Manual control only access using the admin page of the portal:
Stb-tester support are not able to grant access to your portal as we are not able to verify any requests to do so. If you need access to your portal please contact someone in your organisation who has Admin access.
There are 4 defined access roles (in increasing order of access):
- Manual control only - Can:
View live video from any node over WebRTC and JPEG snapshots
Use the manual control to send keypresses to any node
See the status of any node including which tests are running
See the list of GitHub branches - but not their contents
See any remote control from any branch
See a list of all nodes
Download live screenshots, but not save them to the object repository.
- Read - Can do everything a Manual control only user can do, plus:
View and clone your GitHub repository
Run any test from any branch
Stop any running test
Interrupt a reservation from any user on any node
View all test results
View the object repository, but not update it
Create and delete REST API access tokens
- Write - Can do everything a Read user can do plus:
Push to your GitHub repository including modifying any test-script, remote control, or configuration file.
Update the object repository
Create page objects
Save live screenshots to the object repository
Update configuration files including node friendly names and secrets.
- Admin - Can do everything a Write user can do plus:
List all users and their access levels
Add users (via GitHub) or Manual control users (via the portal)
Modify the access level of other users