►
From YouTube: RBAC front end planning breakdown
Description
Discussion between UXer Daniel and front end dev Eduardo, regarding the new section to be created for our customizable role based access control system.
A
Cool,
so
I
wanted
to
catch
up
with
you
to
go
over
the
state
of
the
our
back
stuff
that
we're
working
on
and
to
try
and
work
with
you
to
see
what
you
need
in
terms
of
either
issues
created
or
visuals
or
Assets,
in
order
to
start
looking
or
breaking
down
the
the
interface
that
we're
looking
at.
So
one
of
the
things
unfortunately,
right
now
is
that
we
don't
have
any
permissions
or
any
goals
in
the
front
end.
B
A
C
I've
seen
the
the
mocks
that
you
have
the
designs
that
you
have
created
cool.
So
maybe
we
can
go
through
through
these
little
by
little
and.
D
C
A
So
the
first
thing
would
be
where
the
the
location
of
the
the
page
will
be
and
I
think
we
just
want
to
have
a
navigational
element
in
the
settings
right
now
we
don't
have
the
Enterprise
user
section,
but
so
we'll
need
a
location
for
it
in
the
the
self-managed
or
to
have
it
be
in
a
place
where
it
won't
interfere.
It
won't
make
too
much
disconnect
when
we
try
and
transition
the
SAS
environment
over
to
the
self-managed
top
level
organizations
group.
B
A
I'm
curious,
if
you
had
like
a
proposal
or
something
to
think
about
regarding
that,
actually
can't
share.
D
C
Close
to
the
user
somehow,
and
the
two
of
them
are
at
least
in
my
mind,
connected
logically
roles
and
permission
are
used
by
users.
So
having
this
close
together
at
least
navigationally
makes
sense.
A
Yeah,
that's
kind
of
what
I
was
thinking
as
well.
Is
that
finding
a
a
location
for
it
within
the
user
management
I
think
makes
the
most
sense
for
now
here's
the
screen
I
wanted
to
share.
A
I,
don't
know
if
adding
roles
of
her
missions
here
in
this
section
makes
sense,
although
the
membership
is
right
there,
but
I
think
it's
okay
to
leave
it
there
for
now
on
the
idea
that
we're
going
to
move
it
in
the
future
is
that
sort
of
what
you're
saying
is
having
it
somewhere
either
in
or
near
this
section.
C
A
The
only
top
level
group
owners
or
admin,
so
the
problem
is
it
makes
sense
in
the
self-managed
environment
where
we
have
an
admin
screen.
So
it
looks
like
this
in
this
admin
area,
where
we
have
this
section
next
to
roles
and
users
and
roles
and
permissions.
A
The
problem
is
when
we
go
to
the
environment
of
like
where
to
go
here,
the
self-managed,
where
I
don't
necessarily
have
that
admin.
Excuse
me
the
SAS
environment,
where
I
don't
have
the
admin
screen
and
I
just
have
my
group.
A
Where
would
that
exist,
and
that's
what
I
was
saying?
Is
that
I
think.
C
A
C
A
In
our
current
implementation,
no,
but
that's
where
the
the
idea
of
the
organization's
group
will
come
into
play
where
we
have
that
top
level
and
that's
where
it
would
impact
the
the
role
creation
would
always
be
at
the
top
so
that
you
wouldn't
have
that
lateral
interaction.
The
problem
is
right
now
as
an
example,
so
we're
using
this
with
groups,
there's
no
interface
for
that
interaction
here,
where
I
would
assign
at
a
top
level
all
of
my
groups.
A
These
are
all
examples
of
top
level
group,
because
we
don't
have
a
this
admin
field
until
we
get
that
Enterprise
settings
field
and
that's
where
I
think
this
problem
might
exist,
I
I
think
one
of
the
situations
we
might
be
have
we
have
to
probably
wait
till
that
gets
implemented.
That's
kind
of
what
I'm
looking
at
is
that
maybe
you
have
some
sort
of
other
proposal
or
there's
some
other
way.
We
can
do
it
because
right
now,
the
other
way
to
do
it
is
assuming
this
top
level
container,
which
isn't
manifesting.
A
The
current
UI
we'll
just
pretend
that
it's
this
would
have
settings.
That
would
say
Enterprise
user
settings
somewhere
here,
but.
D
C
What
if,
instead
of
so
click
on
the
group
information
all
right,
so
here
we
have
three
okay,
good,
we
could
add
for
for
menu
here,
activity
labels,
some
members
and
then
one
more
right.
C
Will
emulate,
but
if
you
go
to
the
one
back
one
yes,
so
here
you
have
three
tabs
yeah.
D
A
B
A
So
I
think
that
kind
of
makes
sense
where
it
would
just
be
some
other
additional
item
here.
That
would
be
that
roles
and
permissions
setting
that
we're
looking
at
here,
but
it's
its
own
section
here
in
one
of
the
main
top
level
navigational
elements:
okay,.
D
A
A
So
I
think
a
navigational
element
up
at
the
top
is
not
necessarily
problematic
from
there.
A
We
have
the
section
with
the
permissions
containers,
so
we
have
the
the
custom
roll
or
the
standard
role,
which
is
just
this
git
lab
five
permissions
that
we
have
there's.
Also
this
which
I
don't
have
a
strong
I'm,
not
in
love
with
it
right
now,
because
the
problem
is,
we
need
some
sort
of
capability
to
audit
something.
C
Danielle
is
this
paid
for
information
all
in
or
only
right
now,
the
standard
rules
or
with
that
in
the
future,
be
something
that
an
admin
or
a
group
owner
could
disable,
for
example,
as
a
specific
or
remove
do
we
want
to
even
remove
cast
as
a
possibility?
Is
there
any
kind
of
interaction
that
we
are
seeing
in
the
future.
A
So
that's
what
the
where
the
audit
comes
in,
so
the
idea
is
that,
as
an
example
of
audit
I
would
be
able
to
well.
Let
me
go
to
a
to
the
page
where
it
looks
like
it
actually
has
content.
One
second.
A
So,
on
the
assumption
that
now
I've
created
a
custom
role
and
it's
labeled
here
as
incident
manager,
the
screen
previously
was
empty.
But
that's
where
this
audit
Behavior
comes
in
once
it
finishes.
B
B
A
B
A
Was
the
original
intent
for
this
to
where
this
content?
That's
what
this
content
would
be
used
for,
but
I'm
not
sure,
that's
the
best
use
for
it.
The
reason
I
thought
we
could
use
that
as
an
audit
process
was
because
if
the
idea
was
I
were
to
start
over.
D
A
Very
not
responsive
system,
so
the
table
would
just
show
all
the
interactions
and
you
would
then
select.
You
know
what
custom
permission
you
needed,
but
this
is
super
long
term
and
in
the
interim
right
now
we
only
have
the
one
MVC
of
this
one
permission
in
the
back
end
on
the
API.
Only
what
I
want
to
do
is
build
out
some
sort
of
framework
or
foundation
for
this.
The
other
teams
would
then
populate
with
their
specific
feature
permissions,
so
you're
not
going
to
go
and
create
all
of
these,
because
that's
just
too
laborious
right.
A
Why
would
I
have
to
go
and
do
all
the
permissions
work
for
every
different
feature?
We
don't
we're,
not
the
authority
on
that
particular
feature
and
the
use
case
and
user
stories
Etc,
so
I
want
to
build
some
sort
of
framework
or
documentation
on
the
process
and
how
we
add
or
integrate
these
permissions
into
the
UI
or
the
front
end,
and
that's
where
this
kind
of
container
auditor
screen
comes
into
play.
Is
that
that's
part
of
the
framework
of
building
the
custom
role?
A
So
then,
you
can
go
back
and
see
that
now
I
can
go
and
click
around
and
see
that
custom
setting
that
was
created
and
how
it
compares
to
other
custom
permissions
or
custom
roles.
But
that's
where
this
sort
of
interactive
table
comes
from
and
I
thought
using
it
redundantly
in
this
capacity
where
we
actually
go
back
and
can
go
audit
or
click
around
and
change.
The
view
would
be
useful
in
that
when
you're
making
that
custom
role-
and
it
replicates
here
whenever
you're,
building
that
custom
role.
C
What
I
see
here
just
a
couple
of
comments.
D
D
D
C
Example
here,
although
it's
not
super
interactive,
the
only
thing
that
it
really
has
to
change
is,
for
example,
if
you
change
the
role
on
the
top
from.
A
D
C
At
that
point,
what
we
we
want
is
to
the
standard
role
to
occupy
the
left
side
of
the
the
middle
section
right.
A
Yeah,
because
the
idea
is,
if
I
select
one
of
these
custom
or
one
of
these
default
roles,
it
changes
the
table
data
exactly
to
developer
here.
In
this
case,
yes,
and
then
same
thing
here,
where
I
enter
a
name
and
then
it
populates
the
name,
that's
the
main
interaction
points
and
then
the
customization
is
these
little
check
boxes.
Yes,.
C
Which
is
not
I
mean
that's
not
interactive,
as.
D
C
If
you
go
back
to
the
previous
thing
to
the
to
the
yeah,
so
what
I
see
here
is
that
these
two
screens
are
actually
not
interactive
and
that
could
be
implemented
in
Hammer
as
except
for
the
search
top
search,
which
is
a
little
bit
of
interaction
that
in
this
search.
Probably
what
we
want
is
to
type
a
role,
a
permission,
a
type
of
permission
and
then.
A
I
I
would
say
at
this
point
since
the
we
have
only
you
know
the
one
NBC
in
the
back
end.
The
ability
for
a
search
is
very
low.
We
don't
have
a
there's,
no
custom
roles
to
be
made
that
are,
you
know.
We
don't
have
the
assumption
that
an
organization
should
be
making
10
different
custom
roles.
You
know
100
different
custom
roles
within
the
next
few
Milestones
or
quarters
right.
A
That's
a
much
farther
problem
to
look
at,
but
we,
the
idea
of
having
the
search
at
some
point
in
the
future,
would
be
more
so
for
the
custom
roles.
If
your
organization
creates
a
bunch
of
custom
roles,
if
an
admin
were
to
query,
oh
team,
a
has
a
custom
permissions
I
want
to
search
for
team,
a
or
whatever
metadata
I
had
assigned
as
part
of
that
creation
process,
and
that
the
search
I
think
would
only
be
just
for
the
permission
name
but
I
think
at
some
point.
A
If
we
have
a
more
robust
search
query
in
the
future,
could
they
query
locations
of
those
custom
permissions
where
they
were
assigned?
You
know
what
groups
or
particular
user
member
I,
don't
know
if
it
makes
sense
for
the
user
member
here
versus
the
user
member
screen
here
in
users,
but
that's
where
I
think
the
idea
of
having
search
bar
would
make
sense.
If
there
was
you
know,
hundreds
of
custom
roles.
A
Obviously
it's
not
useful
to
scroll
around
looking
for
them
manually,
but,
like
I
said,
this
is
a
much
farther
process.
Much
further
down
the
road.
Okay.
A
Thank
you.
Let's
see,
I.
D
C
C
And
then
you
modify
the
custom
row
and
you
add
another
permission
that
didn't
originally
have:
does
user
a
will,
get
that
additional
row,
or
is
this
kind
of
a
template
and
is
on
the
time
of
the
creation
of
the
of
the
user
that
this
template
is
applied?
C
A
A
All
the
members
in
that
group
inherited
that
change
so
arguably
that
that
behavior
should
stay
the
same.
Okay,
it's
up
for
the
admin
to
to
make
sure
that
they're
not
doing
anything
they're
not
supposed
to
by
accident
right
and
that's
where
we
have
the
audit
in
the
future
to
try
and
help
minimize
that
or
you
know
find
where
that
occurred.
D
D
C
If
you
create
a
a
user
with
one
template,
one
custom
role:
template
and
then
you
modify
over
a
long
time.
Then
you
will
have
maybe
hundreds
of
users
with
different
actually
permissions,
because
you
have
been
changing
the
template
on
the
time
of
creating
this
user.
So
it
will
be
really
really
difficult.
So
exactly.
A
A
Right
exactly
so,
that's
where
the
idea
of
the
the
role
to
use
as
a
template.
This
will
only
ever
be
the
standard
gitlab
5
templates,
because
we
only
ever
want
to
create
from
a
a
known,
good
condition
right.
You
don't
want
to
allow
somebody
to
continue
iterating
on
some
weird
custom
permissions
they've
made,
which
could
be
problematic
in
the
future.
D
D
C
These
two
sounds
very
similar,
but
and
it's
quite
laborious
that
I
I
will
have
to
go
to
okay
name,
a
space.
What
are
the
differences?
Guest
reporter?
Oh,
maybe
developer,
and
but
so
it
will
be
a
really
nightmare
too
yeah.
D
C
A
Yeah
yeah
I
definitely
wanted
to
look
at
that.
I
have
another
round
of
validation
that
I'm
going
to
use
with
with
end
users
I'm
going
to
ask
some
of
these
questions
like
that,
how
would
you
want
to
interact
or
view
that
process
so
to
try
and
help
improve
this
screen?.
A
A
The
other
thing
we
were
looking
at
was
in
regards
to
permissions
are
only
add
additive.
We
can't
undo
or
subtract
a
permission,
but
presumably
that
shouldn't
be
a
problem
in
the
presenting
the
information
on
this
in
the
the
table.
C
So,
for
example,
you
are
showing
here
developers.
D
A
Can
you
go
add
so
in
this
case,
these
the
developer?
Has
this
permission
to
view
an
namespace
and
project
traffic
stats
I
can't
undo
that
we
don't
have
the
facility
in
our
system
just
yet
to
subtract
or
disable
that
so
I
can
only
give
an
additional
permission
that
wasn't
there
to
begin
with.
So
in
this
case
a
developer
couldn't
view
the
billing,
but
if
I
make
this
custom
role
now,
I
can
give
them
the
permission
to
do
custom
to
view
building.
B
A
C
D
C
To
the,
what
is
the.
D
D
B
C
A
A
What
is
selected
is
will
be
based
off
of
what
you
have
here
so
in
the
future.
I
could
create
a
reporter
role
and
then
also,
which
would
have
nothing
enabled,
but
I
want
that
admin
role
or
owner
role
of
viewing
billing
and
I
could
turn
that
on.
Okay,.
C
So,
if
I
want
to,
for
example,
create
a
super
specific
type
of
cost
role
that
is
I'm
gonna,
give
to
my
finance
a
person
in
the
company,
just
a
something
very
bubbling.
For
example,.
D
B
A
There's
no
restriction
on
what
can
be
given
from
the
bottom
up.
It's
just
so
we
don't
have
a
way
to
do
anything
subtracting
down.
So
in
the
example
you
say,
that'd
be
the
perfect
use
case.
I
have
an
organization
I
have
a
billing
team.
I
just
want
to
look
and
pay
the
bill
for
gitlab
or
whatever,
and
then
I'll
give
them
a
guests
and
then
give
them
the
view
building
check
box
and
that's
it.
A
I
mean
I
I
would
hope
in
the
future,
when
we
can
do
subtractive
permissions,
that
that
would
be
possible,
but
we're
currently
limited
to
the
additives
so
starting
from
guest,
only
okay,
and
also
as
a
way
of
maintaining
again
like
a
known
good
State,
like
the
good
State
being
that
they
can
access
the
platform
and
do
the
basic
stuff
as
a
guest
user.
If
you
have
anything
minus
that
I,
don't
know
what
would
happen
What
because
they
wouldn't
even
be
able
to
get
in
or
some
you
know,
view
certain
pages
or
anything.
C
You
know
Danielle
I,
think
that
in
this
actually
in
this
interface
is
where
maybe
I
will
add
the
search.
The
first.
D
C
D
C
I
want
and
I
S
I
know
where
the
type
of
permission
I
would
like
to
navigate
very
quickly
to
yeah,
to
that
permission
and
then
enable
or
disable
yeah.
A
That
that
I
think
also
would
be
pretty
simple,
because
it
would
just
be
a
raw
text.
Query
you're
not
searching
anything
in
in
the
database,
because
all
you
want
to
do
is
say:
I
want
to
I'm
looking
for
building
search
for
building.
Okay,
it's
right
here
under
this
one,
so
I
think
that
makes
sense,
because
it's
not
doing
anything
complicated
just
doing
a
broad
text.
Query
within
the
tables
I
think
that
works.
A
A
Yeah
but
I
think
also
that's
another
one
of
those
long-term
things,
because
at
this
point
we
don't
have.
We
don't
have
anything
yeah
that
anyone
can
add
really,
except
for
that
one.
C
And
I
think
one
sec
so
right
now
we
have
the
ability
to
add
permission
to
a
guest
right.
Is
that
correct.
A
Yeah,
the
idea
being
is
that
the
custom
permission
would
be
all
these
five,
so
I
could
add
it
from
a
guest
and
right
now,
I
think
with
the
MVC
is
the
the
guest
and
it
is
viewing.
D
C
C
A
Just
you
know
only
four
of
them
in
each
one
but
I'm
assuming
it
would
probably
be
the
cicd
yeah
here
it
is
view
pipeline
page.
C
D
A
C
I've
seen
we
can
do
async
I,
think
I
have
answered
the
majority
of
the
question
and
I
have
a
better
understanding
of
what
I
will
need
so
yeah.
It
has
been
very
helpful.
This
is
very
exciting.
Danielle.
A
Cool
awesome,
great,
we'll,
follow
up
I.
Think
then.