►
From YouTube: Settings UX - Compliance & Access
Description
Daniel and Michael discuss work done in compliance and access that is related to settings management
A
This
is
a
continuation
of
some
of
the
work
that
rihanna's
done
to
collect
feedback
from
the
ux
design
team
across
the
different
groups
to
understand
how
different
people
have
been
tackling
settings
or
how
certain
aspects
of
settings
have
held
them
back
in
delivering
what
they
really
wanted
to
deliver
so
yeah.
I
guess
for
the
first
question,
is
yeah
tell
us
a
little
about
some
of
the
work
that
you've
done
in
the
past
with
the
settings,
daniel
yeah.
B
So
I
started
with
compliance
and
in
compliance
we
had
a
number
of
settings
that
were
added
to
try
and
allow
for
compliance,
checks
or
compliance
features
to
to
work
with
gitlab,
and
it
was
kind
of
kind
of
a
learning
on
the
go,
because
we
don't
where
we
at
the
time
we
didn't
have
a
robust
compliance
solution,
so
we're
kind
of
starting
from
scratch,
and
we
weren't
really
familiar
with
where
to
take
it.
Apart
from
just
adding
specific
line.
Item
features
like
have
a
check
for
this
feature
or
protection.
B
If
this
action
happens,
and
it
would
be
an
on
off
just
to
allow
that
feature
to
occur,
going
forward
to
things
like
access,
there
were
again
settings
or
changes
that
we
would
do
for
things
like
with
2fa
or
things
in
the
back
end
to
allow
for
interactions
with
admins
and
users
if
they
were
passes
that
were
or
excuse
me,
resets
to
accounts
or
recess
to
access
that
admins
needed
to
ensure
or
a
user
needed
to
have
access
to.
B
There
is
a
need
to
have
a
place
where
settings
can
be
defined,
at
least
for
an
organization
for
how
the
access
gets
given
to
members
who
are
not
part
of
the
organization,
and
so
when
they
get
invited
in
as
a
freelancer
or
something
how
those
settings
apply
outside
of
the
organization
to
have
those
features
of
those
access
controls
restricted.
B
So
nothing
specific,
at
least
in
the
new
task,
we're
working
on.
But
there
is
work
that
needs
to
be
done
in
order
to
make
sure
there's
certain
checks
or
security
protocols
in
the
settings
that
ensure
some
of
this
protection.
A
Okay,
can
you
tell
me
a
little
bit
about
the
organization
level
because
I'm
familiar
with,
like
instance,
groups
and
projects,
and
when
you
talk
about
organization
level
like
how
does
that
fit
in
into
that
kind
of
paradigm?
Of
instance,
groups,
projects.
B
Yeah,
it's
more
or
less
either
the
instance
environment,
if
it's
a
self-managed
environment
or
the
instance
or
the
groups
group
container,
like
the
organization's
group
that
they
live
in
on
the
dot
com
service.
So
it's
functionally
those
two
pieces,
and
so
we
would
look
at
the
settings
or
the
access
restrictions
tied
to
those
two
entry
points.
A
Okay,
cool,
and
is
that
have
you
done
any
solution,
validation
on
the
stuff
that
you've
looked
into
there
or
is
it
been
already
shipped.
B
Most
of
it
was
very
just
one
simple
thing:
we
needed
to
have
this
thing
turn
on
or
or
have
this
feature
allowed
to
be
done,
but
it
was
that
was
previously
in
compliance,
and
I
think
most
of
that
stuff
was
validated
well
enough.
I
think
at
least
for
us,
because
in
compliance
again
it
was
so
new
that
it
was
kind
of
like
well.
B
We
don't
really
necessarily
know
where
to
put
this
stuff,
so
we're
going
to
put
it
in,
for
example,
like
permissions
or
I'm
looking
at
the
settings
right
now,
like
things
like
advanced,
we
made
some
changes
there
in
regards
to
removing
the
group,
how
there's
protections
for
that.
B
B
There
was
some
changes
with.
Let's
see.
B
See,
I
might
have
changed
some
stuff
around
project
deletion
protection.
This
was
something
that
was
updated
or
changed.
B
There
were
some
tweaks
made
to
that,
because
there
is
the
feature
to
allow
project
deletion
at
different
levels,
so
only
admin
but
then
like,
for
example,
like
a
user,
could
delete
their
project
in
an
environment
where
perhaps
their
the
admin
didn't
want
that
to
have
happen.
So
I'm
not
sure
I
think,
because
I'm
using
a
different
or
maybe
an
outdated
version
of
my
gdk-
that's
probably
not
appearing
here.
Okay,.
A
B
Yeah,
just
some
minor
things
here
and
there
I
think
the
main
problem,
at
least
in
regards
to
just
all
of
the
settings
in
general
that
we've
experienced
was
where
does
something
belong
if
it,
if
it
belongs
to
a
particular
place,
or
it
makes
sense,
does
it
need
to
have
a
section
of
its
own
like,
for
example,
restricted
visibility
levels,
or
can
it
be
added
to
something
like,
in
this
case
default
project
deletion
protection
only
admins?
B
A
So
how
did
you
navigate
like
that
yeah?
That
decision
of,
like.
B
Yeah
I
spoke
with
my
pm
about
that.
Quite
a
bit
to
understand
you
know
what
makes
sense
to
us
what
would
make
sense
to
someone
in
a
compliance-minded
environment
to
see
if
they
were
going
to
go
in
and
make
changes?
What
would
they
think
they
would
need
it
and
then
also
communicating
across
your
organization
talking
with
the
foundations
group
and
other
ux
team
members,
you
know
just
for
some
feedback.
You
know.
Is
this
crazy?
Does
this
make
sense
things
like
that?
But
that's
generally
the
sort
of
idea
that
we're
thinking
about.
A
B
The
idea
being
that
within
our
environment,
it
would
kind
of
just
be
a
set
it
and
forget
it
to
some
degree
so
again
like
having
automation,
tools,
having
checks
or
protocols
or
settings
that
say,
if
this
happens,
then
this
gets
done
or
prevent
these
things
happening.
If
something
else
happens,
so
more.
A
A
A
Are
there
any
kind
of
examples
of
work?
That's
upcoming
in
your
group
now
related
to
settings.
B
So
in
access,
the
only
thing
that
we
have
would
be
in
regards
to
2fa,
but
there
is
nothing
specific
in
regards
to
like
a
setting
or
particular
change
that
would
have
been
applied
or
that's
going
to
happen.
So
the
2fa
is
going
to
get
passed
by
normal
procedure.
But
this
what
happens
after
that?
So
I'll
show
it
real,
quick
I'll
share
the
screen.
B
There
is
a
feature
or
a
setting
that
we're
going
to
have
to
help
users
regain
access,
if
there's
a
2fa
problem
so
like
if
they
have
forgotten
or
lost
their
phone
or
something
like.
B
Exactly
or
their
their
keys
or
their
code
or
whatever
they
have
lost
for
2fa
to
have
a
feature
to
allow
a
reset
for
that
or
a
second
verify
way
of
verifying
so
having
an
admin
check.
So
we're
kind
of
trying
look
at
some
of
these
settings
or
features
here
to
see
what
can
we
do
to
try
and
fix
that
particular
problem,
or
that
particular
use
case
cool.
A
B
A
B
Yeah,
it
should
be
pretty
straightforward,
it
should
just
be
a
matter
of
this
is
the
feature
we're
going
to
turn
on
or
remove
or
change,
but
it
will
just
basically
a
one-to-one
or
if
this,
then,
that
sort
of
behavior
nothing
robustly
complex
or
anything
again
like.
I
said
we're
trying
to
maintain
industry
standards
for
using
2fa
and
how
that
works
across
organizations.
B
Right
now
well,
the
problem
is,
I
don't
think
I've
had
any
experience
or
any
sort
of
instances
where
there's
been
robust
changes
or
overhaul
or
in-depth
work
for
settings
for
a
project
or
an
object.
I
know
coming
up
past
the
2fa
stuff
that
we're
doing
in
access.
There
is
going
to
be
an
investigation
on
policy
creation
and
settings
around
that.
So
it's
kind
of
like,
let's
see
I'll,
show
you
the
issue
here.
B
So
adding
project
deletion
as
a
policy
behavior,
so
we
would
want
to
turn
that
feature
on
in
the
settings
so
having
some
feature
that
would
protect
or
change
project
deletion,
as
I
mentioned
earlier,
but
as
that
relates
to
a
bigger,
bigger
project.
I'll
show
you
that
one
here.
B
B
B
Like
the
members,
for
example,
we
currently
have
those
standard
user
access
levels
like
owner,
maintainer,
reporter
developer
guest
and
so
defining
or
understanding.
Do
we
change
those
roles
or
do
we
add
to
them,
or
do
we
kind
of
make
them
more
granular?
So
some
of
this
that
we're
going
to
have
to
change
or
think
about
if
we
change
the
role
here,
then
what
sort
of
features
or
settings
that
go
associated
with
that
when
you
look
at
like
the
settings.
B
For
a
project
or
something
what
what
would
need
to
be
changed
for
that
and
that's
something
that
we
have
to
think
about
is
if
you're
going
to
start
making
these
policy
level
changes
for
a
project,
then
they
don't
exist
really
here,
there's
no
place
to
put
them,
so
we
might
have
to
add
a
new
container
for
that,
and
so
that's
something.
I
think
that
further
down
the
road
will
be
that
you
know
large
project.
I
would
hope
to
be
proud
of
yeah.
A
Cool
that
concludes
most
of
my
my
kind
of
formal
questions
for
our
chat
today.
Is
there
anything
in
the
work
that
that's
upcoming
for
our
my
group
right
now,
looking
at
settings
and
navigation
that
you
would
want
to
be
informed
about
or
want
more
insight
on?
As
I
progress
on
this.
B
Yeah,
I
think,
for
us
nothing
specific
just
yet
in
the
settings
screen
the
navigation,
possibly
more
so,
but
that
ties
to
the
other
project
that
we're
working
on
in
the
working
group
to
make
containers
more
extensible,
so
the
object
or
the
concept
of
project
versus
group.
Why
do
those
exist
in
a
separate
space
or
a
separate
environment?
You
know
how
we
can
bring
those
together.
How
would
that
improve
the
navigation?