This article describes the different kinds of permissions at three levels: company, organization and application.
After reading this article, you'll know:
-
The different kinds of permissions
-
The scope of permissions per level
Permission levels
There are multiple types of roles and permissions, within Betty Blocks we identify three different levels for permissions:
-
Company level
-
This is the highest level of permission and is very high over, permissions like who can export company data can be configured here.
-
-
Organization level
-
This is the second highest level and allows you to configure more practical configurations like who is allowed to create an application or is allowed to perform a rollback.
-
-
Application level
-
This is the lowest level we acknowledge and is on a very detailed level, you can configure permissions such as who is allowed to check out the data model or action tab. These are not the permissions within your application (runtime) but the permissions for the builders of your application (design time).
-
Each level has its own permissions, in this article, we'll describe the permissions per level that you can configure.
Company
Below are the different roles and permissions that we have at the company level.
Company
Name |
Description |
View company |
View the company overview page within the My Betty Blocks environment. |
View company billing information |
See a notification whenever your organizations and applications are not compliant with your contract. |
Export company data |
With this permission, you're able to export the company data. |
Move applications to another organization |
With this permission, you'll be able to move an application to another organization (assuming you have permission to do so within the given organization). |
Manage company gallery |
With this permission, you're able to manage the gallery of your company. |
Manage user provisioning |
Enables to turn on and configure the user provisioning in My Betty Blocks, allowing for IDP synchronization. |
View company blocks |
See all blocks shared on your company level. |
User management
Name |
Description |
Change role of company users |
With this permission, you're able to change the role of the users within your company. |
View user management |
See the users within the user management tab. |
Roles & permissions
Name |
Description |
Update permissions of company role |
Update the permissions of existing roles within your company. |
Create company role |
With this permission, you're able to create new roles within your company. |
Delete company role |
With this permission, you're able to delete roles within your company. |
Update name of company roles |
Update the names of existing roles within your company. |
Toolkit management
Name |
Description |
View all company blocks in Block Store |
View all blocks in the Block Store that are connected to your company. |
Edit all company blocks in Block Store |
Edit all blocks' information in the Block Store that are connected to your company. |
Release a block |
With this permission, you're able to release a block, for example, a custom action step, or custom component. In this article, we explain how you can do this via the CLI. |
Verify a block |
Verify a block, setting a green checkmark proving the quality of the block. |
Manage developers of all company blocks in Block Store |
Manage developers on blocks on your company's level. |
Change block visibility to public |
With this permission, you're able to change the visibility of a block to public. |
Change block visibility to company level |
Change the visibility of a block to your company meaning everyone within your company can see the block. |
Change block visibility to organization level |
With this permission, you're able to change the visibility of a block to your organization meaning everyone within your organization can see the block. |
Change template visibility to company level |
Change the visibility of a template to the entire company, meaning everyone within your company will be able to view and install the template. |
Organization
Below are the different roles and permissions that we have on the organizational level.
Organization
Name |
Description |
Manage organization permissions |
With this permission, you're able to manage all the organization roles permissions within an organization. |
Manage application development permissions |
With this permission, you're able to manage all the application development roles permissions within an organization. |
Manage organization settings |
With these permissions, you're able to manage the settings for an organization. |
User management
Name |
Description |
Invite users to organization |
With this permission, you're able to invite new users to be part of the organization. |
Remove organization user |
With this permission, you're able to remove users from an organizarion. |
Change organization member roles |
With this permission, you're able to change the role that a user has within an organization. |
Invite users to application |
With this permission, you're able to invite new users to an application. |
Remove application user |
With this permission, you're able to remove users from an application. |
Change application member roles |
With this permission, you're able to change the role of the users of an application. |
Applications
Name |
Description |
Create applications |
With this permission, you're able to create new applications. |
Delete applications |
With this permission, you're able to delete applications. |
Change application icon, background and name |
Change various settings to customize your application. |
Change application identifier |
With this permission, you're able to change the identifier of your application. |
Move application into organization |
Move applications from another organization into your organization.
Note: The scope for this permissions is cross-company. |
Move application out of organization |
With this permission, you can move applications from your organization to another organization.
|
Enable public testing in sandboxes |
Enabling public testing in sandboxes is useful when you need to test functionalities in the runtime of your application.
Note: This change will be reverted after 2 weeks unless changed. |
Manage application hosts |
Change the hostname of your application. |
Change invite user template |
With this permission, you're able to change the email that's sent out when you invite a new user. |
Promote application to template |
Promote an application to a template so that other users can create an application based on the application template. |
View merge history |
View all merge/rollback history on an application and its sandboxes, and who initiated them. |
Release management
Name |
Description |
Change application status (promote application to production) |
With this permission, you're able to change the application status to live. Applications by default have the status development, without this permission, this status cannot be changed. |
Create sandboxes (and branches) |
With this permission, you're able to create new sandboxes or branches, below an existing application (in the sandbox manager). |
Delete sandboxes (and branches) |
With this permission, you're able to delete sandboxes or branches (in the sandbox manager). |
Merge changes to production application |
With this permission, you're able to merge the changes from the sandboxes underneath the production environment into the production environment. |
Merge changes within sandbox manager |
With this permission, you can merge changes from one sandbox to another sandbox. Learn more about this here. Good to know: This permission does not allow you to merge to the production application. |
Rollback changes (to the version prior to the last merge) |
With this permission, you're able to roll back the application to the version before the latest merge was done. Check this article for more information. |
Application development
For the builders of your application, we separate the permissions based on the pillars of the platform.
Pages
Name |
Description |
Unlock wrappers (to change individual components inside the wrapper) |
With this permission, you're able to allow builders to change individual components inside a wrapper. This permission is particularly useful for low-code developers who are customizing the application. We recommend disabling this permission for citizen developers, to ensure governance. Learn more about wrappers in this article. |
Start from scratch (create a new page from scratch) |
With this permission, you’re able to allow the user to create a new page from scratch (without using a template). |
Show all templates |
With this permission, you're able to allow the user to see all the page templates or only templates that are 'citizen developer' ready. For example, the back office template will still be visible when a user doesn't have this permission. |
Manage development mode per page |
With this permission, you can give a user the right to go to ‘developer’ mode or ‘basic’ mode in the settings tab of the page builder. |
Models
Name |
Description |
Manage data model permissions per user role |
With this permission, you have the flexibility to manage which builder role can adjust the permissions for the data model. It’s recommended to disable this permission for citizen developers and business technologists, to make sure they will not be able to grant themself access to certain data model data. Learn more about data model permissions in this article. |
Manage data models |
With this permission, you're able to allow the user to manage the models within the data model tab. This permission is very useful when you do or don't want a user to fiddle around and make changes within the data model tab. |
Actions
Name |
Description |
Manage actions |
With this permission, you're able to allow the user to manage the actions within the action tab. This permission is very useful when you do or don't want a user to fiddle around and make changes within the action tab. |