►
From YouTube: RBAC front end planning breakdown
Description
Discussion between UXer Daniel and front end dev Eduardo, regarding the new section to be created for our customizable role based access control system.
A
Cool,
so
I
wanted
to
catch
up
with
you
to
go
over
the
state
of
the
our
back
stuff
that
we're
working
on
and
to
try
and
work
with
you
to
see
what
you
need
in
terms
of
either
issues
created
or
visuals
or
Assets,
in
order
to
start
looking
or
breaking
down
the
the
interface
that
we're
looking
at.
So
one
of
the
things
unfortunately,
right
now
is
that
we
don't
have
any
permissions
or
any
goals
in
the
front
end.
B
A
C
D
C
A
So
the
first
thing
would
be
where
the
the
location
of
the
the
page
will
be
and
I
think
we
just
want
to
have
a
navigational
element
in
the
settings
right
now
we
don't
have
the
Enterprise
user
section,
but
so
we'll
need
a
location
for
it
in
the
the
self-managed
or
to
have
it
be
in
a
place
where
it
won't
interfere.
It
won't
make
too
much
disconnect
when
we
try
and
transition
the
SAS
environment
over
to
the
self-managed
top
level
organizations
group.
B
D
C
A
C
A
A
C
A
C
A
In
our
current
implementation,
no,
but
that's
where
the
the
idea
of
the
organization's
group
will
come
into
play
where
we
have
that
top
level
and
that's
where
it
would
impact
the
the
role
creation
would
always
be
at
the
top
so
that
you
wouldn't
have
that
lateral
interaction.
The
problem
is
right
now
as
an
example,
so
we're
using
this
with
groups,
there's
no
interface
for
that
interaction
here,
where
I
would
assign
at
a
top
level
all
of
my
groups.
A
These
are
all
examples
of
top
level
group,
because
we
don't
have
a
this
admin
field
until
we
get
that
Enterprise
settings
field
and
that's
where
I
think
this
problem
might
exist,
I
I
think
one
of
the
situations
we
might
be
have
we
have
to
probably
wait
till
that
gets
implemented.
That's
kind
of
what
I'm
looking
at
is
that
maybe
you
have
some
sort
of
other
proposal
or
there's
some
other
way.
We
can
do
it
because
right
now,
the
other
way
to
do
it
is
assuming
this
top
level
container,
which
isn't
manifesting.
A
D
D
A
A
B
A
D
A
We
have
the
section
with
the
permissions
containers,
so
we
have
the
the
custom
roll
or
the
standard
role,
which
is
just
this
git
lab
five
permissions
that
we
have
there's.
Also
this
which
I
don't
have
a
strong
I'm,
not
in
love
with
it
right
now,
because
the
problem
is,
we
need
some
sort
of
capability
to
audit
something.
C
Danielle
is
this
paid
for
information
all
in
or
only
right
now,
the
standard
rules
or
with
that
in
the
future,
be
something
that
an
admin
or
a
group
owner
could
disable,
for
example,
as
a
specific
or
remove
do
we
want
to
even
remove
cast
as
a
possibility?
Is
there
any
kind
of
interaction
that
we
are
seeing
in
the
future.
A
A
B
B
A
B
A
D
A
Very
not
responsive
system,
so
the
table
would
just
show
all
the
interactions
and
you
would
then
select.
You
know
what
custom
permission
you
needed,
but
this
is
super
long
term
and
in
the
interim
right
now
we
only
have
the
one
MVC
of
this
one
permission
in
the
back
end
on
the
API.
Only
what
I
want
to
do
is
build
out
some
sort
of
framework
or
foundation
for
this.
The
other
teams
would
then
populate
with
their
specific
feature
permissions,
so
you're
not
going
to
go
and
create
all
of
these,
because
that's
just
too
laborious
right.
A
Why
would
I
have
to
go
and
do
all
the
permissions
work
for
every
different
feature?
We
don't
we're,
not
the
authority
on
that
particular
feature
and
the
use
case
and
user
stories
Etc,
so
I
want
to
build
some
sort
of
framework
or
documentation
on
the
process
and
how
we
add
or
integrate
these
permissions
into
the
UI
or
the
front
end,
and
that's
where
this
kind
of
container
auditor
screen
comes
into
play.
Is
that
that's
part
of
the
framework
of
building
the
custom
role?
A
So
then,
you
can
go
back
and
see
that
now
I
can
go
and
click
around
and
see
that
custom
setting
that
was
created
and
how
it
compares
to
other
custom
permissions
or
custom
roles.
But
that's
where
this
sort
of
interactive
table
comes
from
and
I
thought
using
it
redundantly
in
this
capacity
where
we
actually
go
back
and
can
go
audit
or
click
around
and
change.
The
view
would
be
useful
in
that
when
you're
making
that
custom
role-
and
it
replicates
here
whenever
you're,
building
that
custom
role.
D
D
D
A
D
A
Yeah,
because
the
idea
is,
if
I
select
one
of
these
custom
or
one
of
these
default
roles,
it
changes
the
table
data
exactly
to
developer
here.
In
this
case,
yes,
and
then
same
thing
here,
where
I
enter
a
name
and
then
it
populates
the
name,
that's
the
main
interaction
points
and
then
the
customization
is
these
little
check
boxes.
Yes,.
D
C
If
you
go
back
to
the
previous
thing
to
the
to
the
yeah,
so
what
I
see
here
is
that
these
two
screens
are
actually
not
interactive
and
that
could
be
implemented
in
Hammer
as
except
for
the
search
top
search,
which
is
a
little
bit
of
interaction
that
in
this
search.
Probably
what
we
want
is
to
type
a
role,
a
permission,
a
type
of
permission
and
then.
A
I
I
would
say
at
this
point
since
the
we
have
only
you
know
the
one
NBC
in
the
back
end.
The
ability
for
a
search
is
very
low.
We
don't
have
a
there's,
no
custom
roles
to
be
made
that
are,
you
know.
We
don't
have
the
assumption
that
an
organization
should
be
making
10
different
custom
roles.
You
know
100
different
custom
roles
within
the
next
few
Milestones
or
quarters
right.
A
That's
a
much
farther
problem
to
look
at,
but
we,
the
idea
of
having
the
search
at
some
point
in
the
future,
would
be
more
so
for
the
custom
roles.
If
your
organization
creates
a
bunch
of
custom
roles,
if
an
admin
were
to
query,
oh
team,
a
has
a
custom
permissions
I
want
to
search
for
team,
a
or
whatever
metadata
I
had
assigned
as
part
of
that
creation
process,
and
that
the
search
I
think
would
only
be
just
for
the
permission
name
but
I
think
at
some
point.
A
If
we
have
a
more
robust
search
query
in
the
future,
could
they
query
locations
of
those
custom
permissions
where
they
were
assigned?
You
know
what
groups
or
particular
user
member
I,
don't
know
if
it
makes
sense
for
the
user
member
here
versus
the
user
member
screen
here
in
users,
but
that's
where
I
think
the
idea
of
having
search
bar
would
make
sense.
If
there
was
you
know,
hundreds
of
custom
roles.
A
D
C
A
All
the
members
in
that
group
inherited
that
change
so
arguably
that
that
behavior
should
stay
the
same.
Okay,
it's
up
for
the
admin
to
to
make
sure
that
they're
not
doing
anything
they're
not
supposed
to
by
accident
right
and
that's
where
we
have
the
audit
in
the
future
to
try
and
help
minimize
that
or
you
know
find
where
that
occurred.
D
D
C
If
you
create
a
a
user
with
one
template,
one
custom
role:
template
and
then
you
modify
over
a
long
time.
Then
you
will
have
maybe
hundreds
of
users
with
different
actually
permissions,
because
you
have
been
changing
the
template
on
the
time
of
creating
this
user.
So
it
will
be
really
really
difficult.
So
exactly.
A
A
Right
exactly
so,
that's
where
the
idea
of
the
the
role
to
use
as
a
template.
This
will
only
ever
be
the
standard
gitlab
5
templates,
because
we
only
ever
want
to
create
from
a
a
known,
good
condition
right.
You
don't
want
to
allow
somebody
to
continue
iterating
on
some
weird
custom
permissions
they've
made,
which
could
be
problematic
in
the
future.
D
D
C
D
C
A
D
A
A
D
A
Can
you
go
add
so
in
this
case,
these
the
developer?
Has
this
permission
to
view
an
namespace
and
project
traffic
stats
I
can't
undo
that
we
don't
have
the
facility
in
our
system
just
yet
to
subtract
or
disable
that
so
I
can
only
give
an
additional
permission
that
wasn't
there
to
begin
with.
So
in
this
case
a
developer
couldn't
view
the
billing,
but
if
I
make
this
custom
role
now,
I
can
give
them
the
permission
to
do
custom
to
view
building.
B
A
C
C
D
D
D
B
C
A
A
C
D
B
A
There's
no
restriction
on
what
can
be
given
from
the
bottom
up.
It's
just
so
we
don't
have
a
way
to
do
anything
subtracting
down.
So
in
the
example
you
say,
that'd
be
the
perfect
use
case.
I
have
an
organization
I
have
a
billing
team.
I
just
want
to
look
and
pay
the
bill
for
gitlab
or
whatever,
and
then
I'll
give
them
a
guests
and
then
give
them
the
view
building
check
box
and
that's
it.
A
I
mean
I
I
would
hope
in
the
future,
when
we
can
do
subtractive
permissions,
that
that
would
be
possible,
but
we're
currently
limited
to
the
additives
so
starting
from
guest,
only
okay,
and
also
as
a
way
of
maintaining
again
like
a
known
good
State,
like
the
good
State
being
that
they
can
access
the
platform
and
do
the
basic
stuff
as
a
guest
user.
If
you
have
anything
minus
that
I,
don't
know
what
would
happen
What
because
they
wouldn't
even
be
able
to
get
in
or
some
you
know,
view
certain
pages
or
anything.
C
D
C
D
A
That
that
I
think
also
would
be
pretty
simple,
because
it
would
just
be
a
raw
text.
Query
you're
not
searching
anything
in
in
the
database,
because
all
you
want
to
do
is
say:
I
want
to
I'm
looking
for
building
search
for
building.
Okay,
it's
right
here
under
this
one,
so
I
think
that
makes
sense,
because
it's
not
doing
anything
complicated
just
doing
a
broad
text.
Query
within
the
tables
I
think
that
works.