Permissions reference

This article describes the different kinds of permissions at three levels: company, organization and application.


After reading this article, you'll know:

  • The different kinds of permissions

  • The scope of permissions per level

Permission levels

There are multiple types of roles and permissions, within Betty Blocks we identify three different levels for permissions:

  • Company level

    • This is the highest level of permission and is very high over, permissions like who can export company data can be configured here.

  • Organization level

    • This is the second highest level and allows you to configure more practical configurations like who is allowed to create an application or is allowed to perform a rollback.

  • Application level

    • This is the lowest level we acknowledge and is on a very detailed level, you can configure permissions such as who is allowed to check out the data model or action tab. These are not the permissions within your application (runtime) but the permissions for the builders of your application (design time).

Each level has its own permissions, in this article, we'll describe the permissions per level that you can configure.

Company

Below are the different roles and permissions that we have at the company level.

Company

Name

Description

View company

View the company overview page within the My Betty Blocks environment.

View company billing information

See a notification whenever your organizations and applications are not compliant with your contract.

Export company data

With this permission, you're able to export the company data.

Move applications to another organization

With this permission, you'll be able to move an application to another organization (assuming you have permission to do so within the given organization).

Manage company gallery

With this permission, you're able to manage the gallery of your company.

Manage user provisioning

Enables to turn on and configure the user provisioning in My Betty Blocks, allowing for IDP synchronization.

View company blocks

See all blocks shared on your company level.

User management

Name

Description

Change role of company users

With this permission, you're able to change the role of the users within your company.

View user management

See the users within the user management tab.

Roles & permissions

Name

Description

Update permissions of company role

Update the permissions of existing roles within your company.

Create company role

With this permission, you're able to create new roles within your company.

Delete company role

With this permission, you're able to delete roles within your company.

Update name of company roles

Update the names of existing roles within your company.

Toolkit management

Name

Description

View all company blocks in Block Store

View all blocks in the Block Store that are connected to your company.

Edit all company blocks in Block Store

Edit all blocks' information in the Block Store that are connected to your company.

Release a block

With this permission, you're able to release a block, for example, a custom action step, or custom component. In this article, we explain how you can do this via the CLI.

Verify a block

Verify a block, setting a green checkmark proving the quality of the block.

Manage developers of all company blocks in Block Store

Manage developers on blocks on your company's level.

Change block visibility to public

With this permission, you're able to change the visibility of a block to public.

Change block visibility to company level

Change the visibility of a block to your company meaning everyone within your company can see the block.

Change block visibility to organization level

With this permission, you're able to change the visibility of a block to your organization meaning everyone within your organization can see the block.

Change template visibility to company level

Change the visibility of a template to the entire company, meaning everyone within your company will be able to view and install the template.

 


Organization

Below are the different roles and permissions that we have on the organizational level.

Organization

Name

Description

Manage organization permissions

With this permission, you're able to manage all the organization roles permissions within an organization.

Manage application development permissions

With this permission, you're able to manage all the application development roles permissions within an organization.

Manage organization settings

With these permissions, you're able to manage the settings for an organization.

User management

Name

Description

Invite users to organization

With this permission, you're able to invite new users to be part of the organization.

Remove organization user

With this permission, you're able to remove users from an organizarion.

Change organization member roles

With this permission, you're able to change the role that a user has within an organization.

Invite users to application

With this permission, you're able to invite new users to an application.

Remove application user

With this permission, you're able to remove users from an application.

Change application member roles

With this permission, you're able to change the role of the users of an application.

Applications

Name

Description

Create applications

With this permission, you're able to create new applications.

Delete applications

With this permission, you're able to delete applications.

Change application icon, background and name

Change application identifier

With this permission, you're able to change the identifier of your application.

Move application into organization

Move applications from another organization into your organization.

 

Note: The scope for this permissions is cross-company.

Move application out of organization

With this permission, you can move applications from your organization to another organization.


Note: The scope for this permissions is cross-company.

Enable public testing in sandboxes

Enabling public testing in sandboxes is useful when you need to test functionalities in the runtime of your application.

 

Note: This change will be reverted after 2 weeks unless changed.

Manage application hosts

Change the hostname of your application.

Change invite user template

With this permission, you're able to change the email that's sent out when you invite a new user.

Promote application to template

Promote an application to a template so that other users can create an application based on the application template.

View merge history

View all merge/rollback history on an application and its sandboxes, and who initiated them.

 

Release management

Name

Description

Change application status (promote application to production)

With this permission, you're able to change the application status to live. Applications by default have the status development, without this permission, this status cannot be changed.

Create sandboxes (and branches)

With this permission, you're able to create new sandboxes or branches, below an existing application (in the sandbox manager).

Delete sandboxes (and branches)

With this permission, you're able to delete sandboxes or branches (in the sandbox manager).

Merge changes to production application

With this permission, you're able to merge the changes from the sandboxes underneath the production environment into the production environment.

Merge changes within sandbox manager

With this permission, you can merge changes from one sandbox to another sandbox. Learn more about this here.

Good to know: This permission does not allow you to merge to the production application.

Rollback changes (to the version prior to the last merge)

With this permission, you're able to roll back the application to the version before the latest merge was done. Check this article for more information.

 


Application development

For the builders of your application, we separate the permissions based on the pillars of the platform.

Pages

Name

Description

Unlock wrappers (to change individual components inside the wrapper)

With this permission, you're able to allow builders to change individual components inside a wrapper. This permission is particularly useful for low-code developers who are customizing the application. We recommend disabling this permission for citizen developers, to ensure governance. Learn more about wrappers in this article.

Start from scratch (create a new page from scratch)

With this permission, you’re able to allow the user to create a new page from scratch (without using a template).

Show all templates

With this permission, you're able to allow the user to see all the page templates or only templates that are 'citizen developer' ready. For example, the back office template will still be visible when a user doesn't have this permission.

Manage development mode per page

With this permission, you can give a user the right to go to ‘developer’ mode or ‘basic’ mode in the settings tab of the page builder.

Models

Name

Description

Manage data model permissions per user role

With this permission, you have the flexibility to manage which builder role can adjust the permissions for the data model. It’s recommended to disable this permission for citizen developers and business technologists, to make sure they will not be able to grant themself access to certain data model data. Learn more about data model permissions in this article.

Manage data models

With this permission, you're able to allow the user to manage the models within the data model tab. This permission is very useful when you do or don't want a user to fiddle around and make changes within the data model tab.

Actions

Name

Description

Manage actions

With this permission, you're able to allow the user to manage the actions within the action tab. This permission is very useful when you do or don't want a user to fiddle around and make changes within the action tab.