Managing Teams

When you have many applications added to Uleska you’ll likely have a number of different teams running tests, integrating into CI/CD, and managing results. Uleska’s Team Management lets you create teams structures and add users and applications to them to manage visibility. This lets users focus on the projects they’re working on, and not get distracted by what other teams are doing. It also lets managers and users who need to see issues and metrics across many teams have that visibility.

For an overview of Uleska Team Management, check out the following video:

 

Working With Teams

To illustrate how Uleska user management maps to your organization's team structures, let’s describe a software team structure as below:

Teams1

We’ve got three ‘top level’ teams in Atlanta, Belfast, and Amsterdam, and under Amsterdam we’ve got two sub-teams, in Alpha and Bravo. Note that you can create as many teams as you need, and continue creating sub-teams as needed also, to reflect your organization structure.

Now let’s add some example application projects and users to our teams:

team2We’ve got a team structure as follows:

  • Alice is in the Everyone ‘global’ level and has access to all applications
  • Bob is in the Atlanta team, which has a ‘Dark Knight’ application
  • Clara is in the Belfast team, which has the ‘Forrest Gump’ application
  • Dave is in the Amsterdam team, which has two sub-teams.
  • Bob is also in the Alpha team, which has the ‘Fight Club’ and ‘Matrix’ applications.
  • Eamonn is in the Bravo team, which has a ‘Star Wars’ application

Uleska’s user management is set up as a tree-style structure, with flexibility across teams, to reflect the usual way software teams are organized. The user access / visibility rules are as follows:

  1. Users in a team can work with applications in their direct team, or any sub-teams.
  2. Applications can only be associated with ‘end node’ teams, i.e. teams that do not have any sub-teams.
  3. Users can be associated with teams that are not ‘end node’ teams.
  4. Users cannot work with applications that are not in their direct teams, or sub-teams.
  5. A user can be added to multiple teams.
  6. When we say ‘work with’, this means:
    1. When they log into the Uleska UI they can view applications in their teams, they can run Toolkits against those applications, view / triage vulnerabilities for those applications, and view metrics / statistics for those applications.
    2. Their personal access token has the same access rights when using the CLI or API.

Based on the above team structure, the following is true:

  • Alice can access all applications, as she is in the ‘Everyone’ team and all projects are in sub-teams.
  • Clara can access the ‘Forrest Gump’ application, but not for any other application.
  • Dave can access the ‘Matrix’, ‘Fight Club’ and ‘Star Wars’ applications as they are in sub-teams of the Amsterdam team. Dave cannot access the ‘Dark Knight’ or ‘Forrest Gump’ applications.
  • Bob can access the ‘Dark Knight’ application as he is in the Atlanta team, and the ‘Fight Club’ and ‘Matrix’ applications as he is in the Alpha team, but not for any other application.
  • Eamonn can access the ‘Star Wars’ application, but not for any other application.

Working With Teams

To create teams in Uleska:

  • Click on the ‘Permissions’ tab on the left hand menu.
  • Click on the ‘Teams’ tab.

This screen will show you the existing teams that have been setup. By default there is just one team, the ‘Everyone’ team, which is the global team. All created teams will be below the ‘Everyone’ team.

To add a new ‘Top Level’ team (under the ‘Everyone’ team):

  • Click on the ‘Add Top Level Team’ button, or
  • Click on the ‘Add Sub-team’ button in the ‘Everyone’ team row.
  • Give the team a name and click ‘Create Team’.

TopLevelTeam

You can add lots of ‘Top Level’ teams into Uleska, and note that charts and metrics across the ‘Top Level’ teams are then displayed in the ‘Financials’ tab (see ***).

To add teams below a ‘Top Level’ team:

  • Click the ‘Add Sub-team’ button in the row of the team you want to add the sub-team.
  • Note, as mentioned above, teams that are not ‘end node’ teams cannot have applications associated with them. Therefore if you have applications associated with a team, and you create a sub-team, those applications will automatically be moved to the first sub-team created.

AubTeamAdd

To view your teams in Uleska:

  • Click on the ‘Permissions’ tab on the left-hand menu.
  • Click on the ‘Teams’ tab.

This will show you the ‘Everyone’ team. If you click on the row for the ‘Everyone’ team the UI will expand to show all teams under that team. Similarly, if you wish to see sub-teams under any of those teams (such as the Alpha team under Amsterdam) then click on the row of the team and any sub-teams will expand out.

allteams

You can see the team names are slightly indented to show what team they are under. In this way, the above image shows a team structure replicating our diagram above.

To edit a team, click the edit icon for the team you wish to edit. You can modify:

  1. The team name
  2. Users assigned to that team
  3. Applications assigned to that team

To delete a team, you can click the bin icon for the team you wish to delete. Note there are rules to deleting teams:

  1. You cannot delete a team that has direct applications assigned to it. You will need to re-assign those applications before deleting the team.
  2. You can delete a team that has no direct applications assigned to it but does have direct users assigned.
    1. Note that while you can delete a team with direct users assigned to it, we recommend you reallocate those users before deleting the team. If you delete a team, and this was the only team a direct user was associated with, then that user would not see any applications when they log into the UI, and will not be able to run any tests or add new applications. They will need to be re-assigned to a new team (see steps below).
    2. Uleska does this to protect your applications and visibility. If we simply assigned the user to the super-team that may give undesired results. In the above example, you may wish to delete the Bravo team, but you may not wish Eamonn to view and run tests against all applications under the Amsterdam team.

 

Adding Users to Teams

There are two ways to add a user to a team. The first way is when you are adding a new user, the ‘Inviting User’ form you can specify the team to add them into.

To add a new user:

  • Click on the ‘Permissions’ tab on the left-hand menu.
  • Click on the ‘Invite User’.

For example, to add Alice to the ‘Everyone’ team:

AddAlice

The second way is to add an existing user to a team. Remember, users can be associated with multiple teams, including teams that a ‘non-leaf’. A 'non-leaf' team is a team that does not have any sub-teams.  To add a user to a team:

  • Click on the ‘Permissions’ tab on the left-hand menu.
  • Click on the ‘Teams’ tab.
  • Click on the edit icon for the team you wish to add the user to.
  • Scroll down to the table ‘Assign Users to Team’ and click the checkbox beside the user you want to add. The act of checking the box beside the user adds them to the team (there’s no ‘Save’ button to press)

atlanta

To remove a user from a team, you uncheck the box beside a user in that team. To remove a user from a team:

  • Click on the ‘Permissions’ tab on the left-hand menu.
  • Click on the ‘Teams’ tab.
  • Click on the edit icon for the team you wish to remove the user from.
  • Scroll down to the table ‘Assign Users to Team’ and uncheck the checkbox beside the user you want to remove. The act of unchecking the box beside the user removes them from the team (there’s no ‘Save’ button to press)
  • Note: If you remove a user from a team, and this was the only team the user was associated with, then that user would not see any applications when they log into the UI, and will not be able to run any tests or add new applications. They will need to be re-assigned to a new team.

Adding Applications to Teams

There are two ways to add an application to a team. The first way is when you are adding a new application project. You can add a new application from the main Application screen, by clicking ‘Add New Application’. The form to add an application includes a choice of ‘leaf’ teams the application can be added to.

addappteam

Note that if you’re user account is associated with a subset of teams, you will only be able to add applications to your visible teams.

The second way is to assign applications to your team. An application project can be associated with one team at a time. Remember applications can be associated with one team at a time, and the team has to be a ‘leaf’ team.

To add an application project to a team:

  • Click on the ‘Permissions’ tab on the left-hand menu.
  • Click on the ‘Teams’ tab.
  • Click on the edit icon for the team you wish to add the user to.
  • Scroll down to the table ‘Assign Applications to Team’ and click the ‘Add’ button beside the application you want to add (assign) to that team.

addapp

  • The act of pressing the ‘Add’ button beside the application name adds it to the team (there’s no ‘Save’ button to press). The UI will now display a ‘Remove’ button you could use to remove the application from that team.

addedapp

If you choose to remove an application from the team, you will be presented with a list of other teams to assign the application to. If you have a lot of teams, you can begin to enter the name of the team you wish to reassign the application to, and the form will search for the desired team.

reassignapp