Skip to content

Managing user accounts

Creating user accounts

CodeScoring supports multiple users with separate accounts. User accounts are created and managed in the Settings -> Users section.

To create a new user, go to the form using the Create New button and fill in the following fields:

  • Username - user name in the system;
  • First name - first name;
  • Last name - last name;
  • Contact email - e-mail;
  • Proprietor - affiliation to a proprietor within the system;
  • Access level - access level.

The list of created users on the Users tab can be filtered by the following parameters:

  • Proprietor - proprietor;
  • Access level - access level;
  • Is active - sign of an active account;
  • From LDAP - an indication of an account created via LDAP.

Customize Accounts

Created accounts can be edited or deleted in the Settings -> Users section. You can add a user to a project with a specified role by clicking the Add Project button on the Projects tab of the user edit page.

Session time for an inactive user is limited. By default, a user's session expires in 2 weeks from the last activity, after which the user must log in again.

An environment variable is available to configure the session lifetime (in seconds): SESSION_COOKIE_AGE.

Difference between access levels

When an account is created, it must be assigned one of the following access levels – User, Administrator or Auditor.

For the User access level, three roles are available within an individual project:

  • Viewer - access only to viewing the results of analyses within the project;
  • Developer - access to run the analysis in the UI, through the agent and through the proxy repository plugin;
  • Owner - access to view project policies, change project settings and manage access of other project users.

For Administrator access level it is possible to view and change all settings and projects in the system without restrictions.

For Auditor access level it is possible to view all settings and projects in the system without the possibility to make and save changes.

There can be several users with the same roles in a project, including several Owner. If there are no users in the Owner role, only a user with the Administrator access level can manage the project.

More detailed listing of available actions for each access level is presented in the table below:

Action User (Viewer) User (Developer) User (Owner) Auditor Administrator
Analysis: launching SCA analysis
Analysis: launching Authors analysis
Analysis: launching Quality analysis
Activation key: viewing information about the activation key
Activation key: saving the activation key
Audit log: view audit log
Audit log: export audit log
Authors merge: view rules
Authors merge: creating rules
Dashboard: viewing the page
Dependencies: viewing list of dependencies
Dependencies: export list of dependencies
Email: viewing email settings
Email: editing email settings
Groups: viewing user groups
Groups: creating user groups
Groups: editing user groups
Groups: deleting user groups
LDAP: viewing LDAP settings
LDAP: editing LDAP settings
OSS Index: viewing OSS Index settings
OSS Index: editing OSS Index settings
Policies: viewing policies
Policies: creating policies
Policies: editing policy settings
Policies: delete policies
Policy alerts: view list of alerts
Policy alerts: export list of alerts
Policy ignores: view rules
Policy ignores: creating rules
Policy ignores: editing rules
Policy ignores: removing rules
Projects: viewing projects
Projects: viewing Contribution map
Projects: viewing Complexity map
Projects: creating projects
Projects: editing project settings
Projects: deleting projects
Projects: managing group permissions for projects
Projects: managing user permissions for projects
Projects: SBOM upload
Project categories: view categories
Project categories: creating categories
Project categories: editing categories
Project categories: removing categories
Proprietors: viewing code owners
Proprietors: creating code owners
Proprietors: editing code owners
Proprietors: removing code owners
Task managers: view integrations
Task managers: adding integrations
Task managers: editing integration settings
Task managers: removing integrations
Task managers: performing configuration checks
Users: viewing users
Users: creating users
Users: editing user settings
Users: deleting users
VCS: browsing list of repositories
VCS: adding repositories
VCS: editing repository settings
VCS: deleting repositories
VCS: performing settings check
Vulnerabilities: viewing a list of vulnerabilities
Vulnerabilities: export list of vulnerabilities

User groups

Users within the system can be divided into groups. Groups are created and managed in the Settings->Groups section.

To create a new user group, you must go to the form using the Create New button and fill in the following fields:

  • Name — group name;
  • Description — description.

Groups can be added to created projects to more easily track users associated with a project.