User-centric access management for freistilbox

Published 2020-05-13 by Jochen Lillich

How the freistilbox dashboard managed access to our managed hosting infrastructure is an outstanding example for a UI that was too complicated and too limiting at the same time. Today, I’m happy to announce that we’ve greatly improved the way you grant users access.

Lately, I’ve been working a lot on our customer dashboard, a Ruby on Rails application. (If you’re interested in how that looks like, follow my live coding channel on Twitch.) Diving into code I wrote years ago is always a humbling experience because I get to see all the assumptions and decisions I made. For example, back when I started coding the freistilbox dashboard, I kept the task simple by mirroring our hosting infrastructure. While the result does the job, it isn’t as intuitive and user-friendly as it would have been had I designed it from scratch.

On the freistilbox infrastructure level, access to a website’s git repository and shell login is determined by a list of SSH keys. Up until now, that’s how the freistilbox dashboard handled it as well: To grant a user access, you had to add all their SSH keys to every single website they needed access to. A tedious process. On the dashboard itself, users had only access to the websites owned by their organisation. For web agencies (who make up the majority of our customer base), this has been a painful limitation because it is their business to build and maintain websites that they don’t own. In order to have access to a client’s infrastructure, they had to create additional user accounts in their organisation.

We’ve finally laid these issues to rest by adding cross-company website access to the freistilbox dashboard. You can now assign any user to a website, regardless of their company affiliation. Their role can either be “admin” or “collaborator”; the former can make modifications, the latter can’t. Every user now maintains their own set of SSH keys in their personal user account, and this list of keys is deployed for every website they collaborate on. Having to add keys manually to a website should be a rare case from now.

If you’d like more about how to assign users to a website, please check out our online documentation.

I hope you’ll have as much fun using this new feature as I had building it! We’re already busy modernising other areas of the freistilbox dashboard. What else would you like us to improve? Let us know on Twitter!