Skip to content

Determine security data pattern for users with assigned custom admin role

Problem to solve

Admin Area pages shows group, project, user metadata. Depending on your user type, you may have read all access to groups and projects or specific access to groups and projects.

User Type Admin access Group / Project Access
Administrator
  • Full access
  • Full access
Auditor
  • Default: No acccess
  • Specific access granted with Custom Admin Role
  • Default: Read access to ALL group and membership
  • Additional access determined by membership role
Regular user
  • Default: No access
  • Specific access granted with Custom Admin Role
  • Default: Access determined by membership role

When a regular user is granted admin area access via a custom admin role, we need to determine the visibility of metadata

  • Option 1: Show metadata only for groups/projects where the user has direct membership
    • Aligned with principle of least privilege
    • Maintains consistency with the user's existing access
    • Potentially limits admin area functionality if users can't see the full system state
  • Option 2: Show all metadata even if user has varied membership in groups and projects
    • Provides complete visibility
    • May raise security concerns about information shown

Solution

Security pattern

Option 2 - see #515348 (comment 2371423345) for background on decision. Show all metadata even if user has varied membership in groups and projects.

UX Details

Figma section

To be included in Beta:

Area Details
UX pattern
  • Show all metadata for Regular Users and Auditor Users
  • Hide sections/buttons/actions when user is granted read only access
  • Activate link only when user is granted explicit permission through user type, custom admin permissions or membership
Navigation
  • Show sections where explicit access is granted.

Screenshot 2025-03-06 at 9.41.20 AM.png
/runner/30#/jobs

  • Show all metadata to users given admin area access to sections

  • Admin area has pages where projects and groups are linked
    For regular users: link to groups and projects is determined by membership.

    If regular user is not a member = link inactive
    if regular user is a member = link active

  • For auditor users: link to groups and projects is active due to read all groups & projects permission.
    If auditor user is not a member = link active
    if auditor user is a member = link active

  • Add alert to pages where access is limited by membership

Screenshot 2025-03-06 at 9.31.00 AM.png
/groups or /projects

  • Show all metadata to users given admin area access to sections

  • Group and project overview: All links are active

  • Group and project details:

    For regular user types: link to groups and projects is determined by membership.
    If regular user is not a member = link inactive
    if regular user is a member = link active

    For auditor user types: link to groups and projects is active due to read all groups & projects permission
    If auditor user is not a member = link active
    if auditor user is a member = link active

Screenshot 2025-03-06 at 9.37.45 AM.png

Include for GA:

Area Details
Admin area access - context and permission visibility
  • Add badge in breadcrumb, top header for custom admin role. Badge persists for user across all accessible pages.
  • Popover includes Role, Description, Permissions

Screenshot 2025-03-06 at 9.26.15 AM.png

Does this feature require an audit event?

No - it needs instrumentation

Edited by Ilonah Pelaez