We have released a first version of Role Based Access Control (RBAC) on Organization level in My Betty Blocks. This will soon have impact on 1 existing My Betty Blocks feature: the ability to merge changes (into a higher application level).
In this post we will explain how you can now already prepare for this change, which will become active on April 5th 2022.
Why this feature is introduced
To give Organization admins more guardrails to manage what users can do within the platform we introduce a Role Based Acces Control system. This means roles (and certain permissions) can be managed by Organization admins.
We now focused on two permissions, because both can have a big impact when they are not used in the correct way:
- Merge changes (into a higher application level)
- Change application status (promote application to production)
How will this impact you?
Currently on organization level we already have two roles: Admin and Member. We will keep these roles and all existing organization users will by default be in the role they already had. Above two permissions will be turned ON for the Admin role, and OFF for Member role.
At this moment the first permission (Merge changes) can still be performed by any Builder (application role) with access to the source sandbox. This behaviour is going to change on April 5th 2022, because from that moment only people who are in an organization role which has this permission enabled can perform merges.
The second permission ( change application status) can currently already only be executed by organization admins. This behaviour will stay the same, but we will give you freedom to give this permission to additional roles as well.
How to manage Organization Roles & Permissions in My Betty Blocks?
In the new Roles & Permissions page (accessible via User management) organization admins can from now on manage the Roles & Permissions. This means you can create a new organization role, rename the role and enable/disable the permissions per role. How this works:
- User management can be accessed by clicking the button "User management" (formerly called "Users") in the organization overview.
- Roles & Permissions can be managed by opening the third tab (Roles & Permissions) in the user management overview.
- New organization roles can be created by clicking the "Add" button (a modal will appear to name and save the new role). After the role is created its permissions can be managed.
- Organization members can be assigned to a (new) role via the organization user management page. As mentioned before all existing users will by default be in the role they already had (Admin or Member).
What we recommend you to do now
We advise you look at which organization users should get the permission to merge, but aren't organization admins now. These users can be put in a new organization role that has the permission (merge changes) enabled. The new role can for example be named "Publisher" or "Approver". By doing this all the people that are allowed to merge can still do so after the change (5th of April 2022) is applied.
Side note about Roles & Permissions
The Roles & Permissions on application level (builder and user), in the IDE (within data models) and in the Back Office are not impacted by this change in any way and will keep working the same.
If you would like to know more about this feature or have feedback you would like to share with us, please feel free to reach out to us at support@bettyblocks.com.
