Improve User Management


#1

At the moment, user management is extremely basic and user permissions are limited.

Adding users is a painful process if the user list is of any significant size. We have hundreds of users in our github organization and going through the process of adding and removing users every week as people move onto or out of teams takes far too long.

Second, we are unable to use some of the great “deployment” focused features because, as far as we can see, there’s no way to restrict access to changing those features to just some of the users. If a user has access to a project, they have access to ALL of the project. I need developers to be able to see the results of their builds. I certainly do not need or want them to be able to change how those builds are deployed. There are even legal restrictions on who has access to such capabilities in a public company such as ours. As CircleCI doesn’t have a way to lock down that access to just some of the users, we can’t use any deployment features at all.


How can I remove a user account from our organization?
#2

We are feeling this too. We have a small team at the moment but it’s really unclear how to remove a user who recently left us. I have removed them from the github org but it’s not obvious at all if they have been removed on circle as well, and how to do so if not.


#3

Ditto this. No way to remove a user from circle notifications without asking the user to do it themselves which makes for awkward and potentially impossible situations.


#4

This is an issue near and dear to me. I’d love to hear more.

One piece of clarification -> our permissions currently mirror your VCS but sometimes we do a poor job of showing that. If you’ve cut off access on your VCS, that user no longer has access on CircleCI (You may still see them on the user list - we’ll fix that but that is currently a display issue, not a permission issue).

The issue around deployment is interesting @ptcuops. Do you have the level of granularity of access you want from Github (i.e., do you need us to further mirror Github or do we need something special to meet your usecase here that is Circle-specific/not code or Github specific)? Indeed as we think about branching into our own permission model - we hear from many customers that maintaining our 1:1 mirroring with VCS (e.g., Github) is an important feature.

CC @ndintenfass


#5

still the same need : we need to be sure a user has been removed from circleCI !


#6

I also need that. Developers should be able to run builds and expect results.
But I don’t want them to access SSH builds because they gain access to all the secret env in that case.
Just need to be able to restrict build access to repo admins…


#7