Skip to content

Customizable Roles Solution ideation

User Story

When I need more granular controls for my users, I want to individually toggle features, so I can have tight control over the features my users have access to.

Working File

Figma

Problem

Organizations typically rely on GitLab's roles and permissions controls to maintain acceptable controls. However, GitLab's role system is typically considered too broad; for many customers - especially those operating in regulated environments - "they often resort to setting everyone to Owner and trusting their colleagues to not make mistakes" (see research). In almost all cases, instances want to further constrain existing roles, instead of permitting their users to do more.

In order for large organizations, especially regulated and security-minded enterprises, to thrive in GitLab we need more granular per-user permissions.

User flows

Create role delete role
Screen_Shot_2020-11-11_at_4.00.05_PM Screen_Shot_2020-11-20_at_4.57.34_PM

MVC

Currently we only have one action that can be toggled on or off as a customizable policy. We can start by allowing this to be the basis of a new user role.

Edited by Daniel Mora