Define permissions for who can access feature screens for Product Analytics
Release notes
Problem to solve
Deciding where to send data for Product Analytics, being able to view those locations, and changing other settings related to Product Analytics is a sensitive set of behaviors. Being overly permissive will lead to problems with unauthorized usage or change. Being overly locked down will reduce usability.
Proposal
Define the permissions model for the screens, settings, and features in Product Analytics. Specify who can (and cannot) access each area. Follow existing permissions guidance and conventions when possible.
The list below includes various aspects and a proposed required role to be able to take each action or view it. When a role is listed, all roles that have more permissions than it are included as well (e.g. Maintainer
implies Owner
as well):
- View product analytics dashboards and reports: Developer
- View products analytics settings: Developer
- This is the SDK host, App ID, and any other info needed to send data from the app to GitLab
- View cluster configuration settings: Maintainer
- These settings are things like the ClickHouse/Cube.dev API keys and used to set up the cluster itself but not needed to send data from the app to GitLab
- Note: This is separate from the general settings so that the location of the cluster is not revealed.
- Question: Is this relevant for the first few releases, which have cluster configuration at the instance level?
- Change analytics settings: Maintainer
Feature Usage Metrics
This page may contain information related to upcoming products, features and functionality. It is important to note that the information presented is for informational purposes only, so please do not rely on the information for purchasing or planning purposes. Just like with all projects, the items mentioned on the page are subject to change or delay, and the development, release, and timing of any products, features, or functionality remain at the sole discretion of GitLab Inc.