Permissions Overhaul Project

How does this project fit into your broader strategy?

Q2 OKRs coming soon!

Team

Project owner: @Dennis Kittrell (Deactivated) 

Team members: @Scott Bishel @Catalin Tomai @Martin Kraft (Deactivated) @Hossein Ahmadian (Deactivated) @Farhan Munshi (Deactivated) @Michael Gamble (Deactivated)

Status

PENDING

Why are we doing this?

Problem statement: Mattermost permissions are constrained architecturally from multiple scenarios demanded by enterprise customers.

Impact of this problem: Permissions are often not utilized to their fullest potential, blocking growth in larger organizations and preventing adoption from prospective customers with advanced permissions requirements.

How do we judge success?

• 100% of our customers and prospects are consistently utilizing roles and permissions upon server setup

• Post-deployment NPS scores for System Admins increase by at least 10 points

• We have zero closed/lost reports related to permissions/role management blockers.

What are possible solutions?

1. Rearchitect permissions completely

2. Redesign permissions management within the System Console UI

What do we already know?

We know that all of the potential and validated scenarios below need to be possible in a new permissions architecture and future states of the system console UI:

• Ability to create custom roles and propagate them to specific teams/channels or all teams/channels

• Provide a default list of roles (e.g. Super Admin, Admin, Team Admin, Channel Admin, Moderator, Integrations Manager)

• Ability to edit permissions of default roles

• Ability to rename all roles

• Ability to assign multiple roles to users and/or groups

• Ability to view all roles and permissions assigned to a specific user or group

• Ability to view all users and groups assigned a specific role or permission

• Ability to assign a single user the same role on all teams or specific teams

• Team admin can create custom roles but can only grant permissions matching their own or less

• Ability to create classified channels for multi-level security (channels outside of compliance, that even super admins cannot access - only certain roles/clearance levels can access)

• Ability to restrict management of individual plugins

• Ability to restrict specified members to chat-only access to a channel, team or system

• Support for "Regulated users"

• Ability to create Ethical Boundaries / Chinese walls between users

• Plugins to be able to create/edit permissions

• Audit history of all permissions changes (new role assigned, permission removed from user)

We also outlined the following admin permissions that have been requested:

• Restricted read & write access to console sections (one permission for each section of the console)

• Restricted read access to console sections (one permission for each section of the console)

• Can manage permissions (system level and team level)

• Can override permissions for a user

• Can create new roles/edit existing roles

• Can manage integrations (create, delete own and others' bots/slash commands)

• Can access database

• Add members to channels you are not member of

• Manage and access compliance exports

• Create Jr Admins/Manage Admin Permissions

• Ability to Auto-join channels via permalink

What do we need to answer?

1. What are the most important scenarios to customers?

2. Do we need to build for post level content access?

3. Is E2E encryption a feature demanded in Classified/Multi-Level Security channels? If so, is that something that aligns with our overall mission/strategy?

What are we doing?

TBD

Why will a customer want this?

Visualize the solution

Scale and scope