►
From YouTube: Settings UX - Compliance & Access
Description
Daniel and Michael discuss work done in compliance and access that is related to settings management
A
This
is
a
continuation
of
some
of
the
work
that
rihanna's
done
to
collect
feedback
from
the
ux
design
team
across
the
different
groups
to
understand
how
different
people
have
been
tackling
settings
or
how
certain
aspects
of
settings
have
held
them
back
in
delivering
what
they
really
wanted
to
deliver
so
yeah.
I
guess
for
the
first
question,
is
yeah
tell
us
a
little
about
some
of
the
work
that
you've
done
in
the
past
with
the
settings,
daniel
yeah.
B
So
I
started
with
compliance
and
in
compliance
we
had
a
number
of
settings
that
were
added
to
try
and
allow
for
compliance,
checks
or
compliance
features
to
to
work
with
gitlab,
and
it
was
kind
of
kind
of
a
learning
on
the
go,
because
we
don't
where
we
at
the
time
we
didn't
have
a
robust
compliance
solution,
so
we're
kind
of
starting
from
scratch,
and
we
weren't
really
familiar
with
where
to
take
it.
Apart
from
just
adding
specific
line.
Item
features
like
have
a
check
for
this
feature
or
protection.
B
A
B
Yeah,
it's
more
or
less
either
the
instance
environment,
if
it's
a
self-managed
environment
or
the
instance
or
the
groups
group
container,
like
the
organization's
group
that
they
live
in
on
the
dot
com
service.
So
it's
functionally
those
two
pieces,
and
so
we
would
look
at
the
settings
or
the
access
restrictions
tied
to
those
two
entry
points.
B
Most
of
it
was
very
just
one
simple
thing:
we
needed
to
have
this
thing
turn
on
or
or
have
this
feature
allowed
to
be
done,
but
it
was
that
was
previously
in
compliance,
and
I
think
most
of
that
stuff
was
validated
well
enough.
I
think
at
least
for
us,
because
in
compliance
again
it
was
so
new
that
it
was
kind
of
like
well.
B
B
B
B
There
were
some
tweaks
made
to
that,
because
there
is
the
feature
to
allow
project
deletion
at
different
levels,
so
only
admin
but
then
like,
for
example,
like
a
user,
could
delete
their
project
in
an
environment
where
perhaps
their
the
admin
didn't
want
that
to
have
happen.
So
I'm
not
sure
I
think,
because
I'm
using
a
different
or
maybe
an
outdated
version
of
my
gdk-
that's
probably
not
appearing
here.
Okay,.
A
B
B
Yeah
I
spoke
with
my
pm
about
that.
Quite
a
bit
to
understand
you
know
what
makes
sense
to
us
what
would
make
sense
to
someone
in
a
compliance-minded
environment
to
see
if
they
were
going
to
go
in
and
make
changes?
What
would
they
think
they
would
need
it
and
then
also
communicating
across
your
organization
talking
with
the
foundations
group
and
other
ux
team
members,
you
know
just
for
some
feedback.
You
know.
Is
this
crazy?
Does
this
make
sense
things
like
that?
But
that's
generally
the
sort
of
idea
that
we're
thinking
about.
B
The
idea
being
that
within
our
environment,
it
would
kind
of
just
be
a
set
it
and
forget
it
to
some
degree
so
again
like
having
automation,
tools,
having
checks
or
protocols
or
settings
that
say,
if
this
happens,
then
this
gets
done
or
prevent
these
things
happening.
If
something
else
happens,
so
more.
A
A
B
So
in
access,
the
only
thing
that
we
have
would
be
in
regards
to
2fa,
but
there
is
nothing
specific
in
regards
to
like
a
setting
or
particular
change
that
would
have
been
applied
or
that's
going
to
happen.
So
the
2fa
is
going
to
get
passed
by
normal
procedure.
But
this
what
happens
after
that?
So
I'll
show
it
real,
quick
I'll
share
the
screen.
B
Exactly
or
their
their
keys
or
their
code
or
whatever
they
have
lost
for
2fa
to
have
a
feature
to
allow
a
reset
for
that
or
a
second
verify
way
of
verifying
so
having
an
admin
check.
So
we're
kind
of
trying
look
at
some
of
these
settings
or
features
here
to
see
what
can
we
do
to
try
and
fix
that
particular
problem,
or
that
particular
use
case
cool.
A
A
B
Yeah,
it
should
be
pretty
straightforward,
it
should
just
be
a
matter
of
this
is
the
feature
we're
going
to
turn
on
or
remove
or
change,
but
it
will
just
basically
a
one-to-one
or
if
this,
then,
that
sort
of
behavior
nothing
robustly
complex
or
anything
again
like.
I
said
we're
trying
to
maintain
industry
standards
for
using
2fa
and
how
that
works
across
organizations.
B
Right
now
well,
the
problem
is,
I
don't
think
I've
had
any
experience
or
any
sort
of
instances
where
there's
been
robust
changes
or
overhaul
or
in-depth
work
for
settings
for
a
project
or
an
object.
I
know
coming
up
past
the
2fa
stuff
that
we're
doing
in
access.
There
is
going
to
be
an
investigation
on
policy
creation
and
settings
around
that.
So
it's
kind
of
like,
let's
see
I'll,
show
you
the
issue
here.
B
B
B
B
Like
the
members,
for
example,
we
currently
have
those
standard
user
access
levels
like
owner,
maintainer,
reporter
developer
guest
and
so
defining
or
understanding.
Do
we
change
those
roles
or
do
we
add
to
them,
or
do
we
kind
of
make
them
more
granular?
So
some
of
this
that
we're
going
to
have
to
change
or
think
about
if
we
change
the
role
here,
then
what
sort
of
features
or
settings
that
go
associated
with
that
when
you
look
at
like
the
settings.
B
For
a
project
or
something
what
what
would
need
to
be
changed
for
that
and
that's
something
that
we
have
to
think
about
is
if
you're
going
to
start
making
these
policy
level
changes
for
a
project,
then
they
don't
exist
really
here,
there's
no
place
to
put
them,
so
we
might
have
to
add
a
new
container
for
that,
and
so
that's
something.
I
think
that
further
down
the
road
will
be
that
you
know
large
project.
I
would
hope
to
be
proud
of
yeah.
A
B
Yeah,
I
think,
for
us
nothing
specific
just
yet
in
the
settings
screen
the
navigation,
possibly
more
so,
but
that
ties
to
the
other
project
that
we're
working
on
in
the
working
group
to
make
containers
more
extensible,
so
the
object
or
the
concept
of
project
versus
group.
Why
do
those
exist
in
a
separate
space
or
a
separate
environment?
You
know
how
we
can
bring
those
together.
How
would
that
improve
the
navigation?