Customizable Roles Solution ideation
User Story
When I need more granular controls for my users, I want to individually toggle features, so I can have tight control over the features my users have access to.
Working File
Problem
Organizations typically rely on GitLab's roles and permissions to maintain acceptable access controls. However, GitLab's role system is typically considered too broad. Many customers, especially those operating in regulated environments, report that "they often resort to setting everyone to Owner and trusting their colleagues to not make mistakes" (see research). In almost all cases, instances want to further constrain existing roles rather than permit their users to do more.
For large organizations, especially regulated and security-minded enterprises, to thrive in GitLab, we need more granular per-user permissions.
User flows
[Flow diagrams: Create role | Delete role]
MVC
Currently we only have one action that can be toggled on or off as a customizable policy. We can start by allowing this to be the basis of a new user role.