Code Climate Permissions by Role
Organizations in Code Climate have two user roles: owner and member. These roles dictate what a user can or cannot do within a particular organization. This doc outlines the permissions granted to each type of user, depending on whether the organization uses team-based permissions or GitHub-backed authorization.
Contents
Team-based vs GitHub-backed Authorization
Team-based User Permissions
GitHub-backed Authorization User Permissions
Team-based vs GitHub-backed Authorization
Code Climate has two types of permission sets: team-based permissions and GitHub-backed authorization. With team-based permissions, repo access is determined by team membership. GitHub-backed authorization pulls repo permissions from GitHub to determine which users can view and administer repos on Code Climate.
To figure out which system you’re using, navigate to your organization’s settings; if an option for “Teams” is present, then your account is using team-based permissions.
Team-based permissions will be deprecated in the future.
Team-Based Permissions
If your organization is utilizing teams, repo permissions are set on a per-team basis; all users are members of teams, and teams provide access to specific repositories. Teams are created and configured by any organization owner.
Permission Type | Manage Issues (mark issue statuses) | Add Repo | Configure Repo | View Repos | Invite Users | Access Billing |
Organization Owner | Yes | Yes | Yes | Yes | Yes | Yes |
Organization Member | (Configurable) | No | No | Based on team access | No | No |
Organization Owner: Organization owners have the most permissions and can do almost anything within an organization. Owners can access billing, manage users and teams, and add, remove, and configure repos.
Organization Member: An organization member can only access repos that they have been granted access to through an assigned team. They can see code issues, but can only approve PRs if specific permissions are set by an organization owner.*
GitHub-Backed Authorization Permissions
With GitHub-backed authorization, repo-level permissions are determined by a user's GitHub permissions.
- If you can view the repo on GitHub, you'll be able to view the repo on Code Climate.
- If you can't view the repo on GitHub, you won't be able to view the repo on Code Climate.
- If you have Admin permissions to the repo on GitHub, you'll be able to administer (add, configure, delete) the repo on Code Climate.
- If you don't have Admin permissions to the repo on GitHub, you won't be able to administer (add, configure, delete) the repo on Code Climate.
Importantly, Code Climate administrative actions such as billing access or inviting new users can only be done by organization owners.
Permission Type | Manage Issues (mark issue statuses) | Add Repo | Configure Repo | View Repo | Invite Users | Access Billing |
Organization Owner | Yes | Based on GitHub Permissions | Based on GitHub Permissions | Based on GitHub Permissions | Yes | Yes |
Organization Member | (Configurable) | Based on GitHub Permissions | Based on GitHub Permissions | Based on GitHub Permissions | No | No |
Organization Owner: Organization owners have the highest permission level in an organization. They can do everything that a member can, as well as access billing information or invite users. With GitHub-backed Authorization, an owner only has access to repos that they have access to in GitHub, and can only add or configure repos if they are administrators of those repos in GitHub.
Organization Member: An organization member can only see repos in Code Climate that they have access to in GitHub. In addition, a member must be the admin of a repo in GitHub if they would like to add or configure a repo in Code Climate.
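Because the two systems resolve repo access differently, moving an organization from team-based permissions to GitHub-backed authorization can change who can view or administer a repo. The following is an added example, not Code Climate code: it encodes the rules from the two tables above and lists every capability a user would gain or lose. The user names, repo names, and the simplified GitHub levels ("read", "admin") are constructed assumptions.

```python
from dataclasses import dataclass

@dataclass
class User:
    name: str
    role: str        # "owner" or "member", the two org roles described on this page
    team_repos: set  # repos reachable through the user's teams (team-based mode)
    github: dict     # repo -> "read" | "admin" (simplified); absent = no GitHub access

def team_based(user, repo):
    """Return (can_view, can_administer) under team-based permissions."""
    if user.role == "owner":
        return True, True                   # owners: "Yes" in every column
    return repo in user.team_repos, False   # members: view via team, never administer

def github_backed(user, repo):
    """Return (can_view, can_administer) under GitHub-backed authorization."""
    level = user.github.get(repo)
    # The org role does not matter here: repo access follows GitHub for both roles.
    return level is not None, level == "admin"

def migration_diff(users, repos):
    """List (user, repo, capability, 'gained' | 'lost') for every difference."""
    changes = []
    for u in users:
        for r in repos:
            before, after = team_based(u, r), github_backed(u, r)
            for cap, b, a in zip(("view", "administer"), before, after):
                if b != a:
                    changes.append((u.name, r, cap, "gained" if a else "lost"))
    return changes

# Constructed sample organization (not real data).
USERS = [
    User("alice", "owner", set(), {"api": "admin"}),
    User("bob", "member", {"api"}, {"api": "admin", "web": "read"}),
    User("carol", "member", {"api", "web"}, {"web": "read"}),
]
REPOS = ["api", "web"]

if __name__ == "__main__":
    for change in migration_diff(USERS, REPOS):
        print(*change)
```

Entries marked "gained" are the ones to review for least privilege, since they grant Code Climate access that no organization owner assigned through a team.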
How does this happen?
If you're interested in how we authenticate with GitHub, check out this doc
Updated about 1 year ago