After reading this article, you'll know:
The different kinds of permissions
The scope of permissions per level
Permission levels
There are multiple types of roles and permissions, within Betty Blocks we identify three different levels for permissions:
Company level
This is the highest level of permission and is very high over, permissions like who can export company data can be configured here.
Organization level
This is the second highest level and allows you to configure more practical configurations like who is allowed to create an application or is allowed to perform a rollback.
Application level
This is the lowest level we acknowledge and is on a very detailed level, you can configure permissions such as who is allowed to check out the data model or action tab. These are not the permissions within your application (runtime) but the permissions for the builders of your application (design time).
Each level has its own permissions, in this article, we'll describe the permissions per level that you can configure.
Company
Below are the different roles and permissions that we have on organizational level.
Company
Name | Description |
View company | With this permission, you're able view the company overview page within the My Betty Blocks environment. |
Export company data | With this permission, you're able to export the company data. |
Move applications to another organization | With this permission, you'll be able to move an application to another organization (assumiong you have the permissions to do so within the given organization). |
Manage company gallery | With this permission, you're able to manage the gallery of your company. |
User management
Name | Description |
Change role of company users | With this permission, you're able to change the role of the users within your company. |
View user management | With this permission, you're able to see the users within the user management tab. |
Roles & permissions
Name | Description |
Update permissions of company role | With this permission, you're able to update the permissions of existing roles within your company. |
Create company role | With this permission, you're able to create new roles within your company. |
Delete company role | With this permission, you're able to delete roles within your company. |
Update name of company roles | With this permission, you're able to update the names of existing roles within your company. |
Toolkit management
Name | Description |
Release a block | With this permission, you're able to release a block, for example, a custom action step, or custom component. In this article, we explain how you can do this via the CLI. |
Change block visibility to public | With this permission, you're able to change the visibility of a block to public. |
Change block visibility to company level | With this permission, you're able to change the visibility of a block to your company meaning everyone within your company can see the block. |
Change block visibility to organization level | With this permission, you're able to change the visibility of a block to your organization meaning everyone within your organization can see the block. |
Change template visibility to company level | With this permission, you're able to change the visibility of a template to the entire company, meaning everyone within your company will be able to view and install the template. |
Organization
Below are the different roles and permissions that we have on organizational level.
Organization
Name | Description |
Manage organization permissions | With this permission, you're able to manage all the organization roles permissions within an organization. |
Manage application development permissions | With this permission, you're able to manage all the application development roles permissions within an organization. |
Manage organization settings | With this permissions, you're able to manage the settings for an organization. |
User management
Name | Description |
Invite users to organization | With this permission, you're able to invite new users to be part of the organization. |
Remove organization user | With this permission, you're able to remove users from an organizarion. |
Change organization member roles | With this permission, you're able to change the role that a user has within an organization. |
Invite users to application | With this permission, you're able to invite new users to an application. |
Remove application user | With this permission, you're able to remove users from an application. |
Change application member roles | With this permission, you're able to change the role of the users of an application. |
Applications
Name | Description |
Create applications | With this permission, you're able to create new applications. |
Change application icon, background and name | With this permission, you're able to change various settings to customize your application. |
Change application identifier | With this permission, you're able to change the identifier of your application. |
Move application into organization | With this permission, you can move applications from another organization into your organization. Note: The scope for this permissions is cross-company. |
Move application out of organization | With this permission, you can move applications from your organization to another organization. |
Enable public testing in sandboxes | With this permission, you're enabling public testing in sandboxes, this is useful when you need to test functionalities in the runtime of your application. Note: This change will be reverted after a period of 2 weeks unless changed. |
Manage application hosts | With this permission, you're able to change the hostname of your application. |
Change invite user template | With this permission, you're able to change the email that's sent out when you invite a new user. |
Promote application to template | With this permission, you're able to promote an application to a template so that other users are able to create an application based on the application template. |
Release management
Name | Description |
Change application status (promote application to production) | With this permission, you're able to change the application status to live. Applications by default have the status development, without this permission, this status cannot be changed. |
Create sandboxes (and branches) | With this permission, you're able to create new sandboxes or branches, below an existing application (in the sandbox manager). |
Merge changes to production application | With this permission, you're able to merge the changes from the sandboxes underneath the production environment into the production environment. |
Merge changes within sandbox manager | With this permission, you can merge changes from one sandbox to another sandbox. Learn more about this here. Good to know: This permission does not allow you to merge to the production application. |
Rollback changes (to the version prior to the last merge) | With this permission, you're able to roll back the application to the version before the latest merge was done. Check this article for more information. |
Application development
For the builders of your application, we separate the permissions based on the pillars of the platform.
Pages
Name | Description |
Unlock wrappers (to change individual components inside the wrapper) | With this permission, you're able to allow builders to change individual components inside a wrapper. This permission is particularly useful for low-code developers who are customizing the application. We recommend disabling this permission for citizen developers, to ensure governance. Learn more about wrappers in this article. |
Start from scratch (create a new page from scratch) | With this permission, you’re able to allow the user to create a new page from scratch (without using a template). |
Show all templates | With this permission, you're able to allow the user to see all the page templates or only templates that are 'citizen developer' ready. For example, the back office template will still be visible when a user doesn't have this permission. |
Manage development mode per page | With this permission, you can give a user the right to go to ‘developer’ mode or ‘basic’ mode in the settings tab of the page builder. |
Data model
Name | Description |
Manage data model permissions per user role | With this permission, you have the flexibility to manage which builder role can adjust the permissions for the data model. It’s recommended to disable this permission for citizen developers and business technologists, to make sure they will not be able to grant themself access to certain data model data. Learn more about data model permissions in this article. |
Manage data models | With this permission, you're able to allow the user to manage the models within the data model tab. This permission is very useful when you do or don't want a user to fiddle around and make changes within the data model tab. |
Actions
Name | Description |
Manage actions | With this permission, you're able to allow the user to manage the actions within the action tab. This permission is very useful when you do or don't want a user to fiddle around and make changes within the action tab. |