Key Problem

The Submittable application lacked a way for users to create custom roles and define the specific permissions and accesses per role. The current default level roles were limited and not flexible enough to meet the users’ complex role and security needs. Additionally, the implementation team would take several days (sometimes up to two weeks) to onboard new users and add them to a role; investing precious time in this manual work.

Project Goals

  • Let users create custom roles and define their respective access

  • Onboard new users and customers within hours rather than days

  • Create custom roles across both the GMS and EE platforms and users

User Research

To gain insights on users’ frustrations I conducted both qualitative and quantitative research methods to gather data. Questions were presented to participants to assess their attitudes across the following three categories:

↪︎ Onboarding new users

Participants were asked about their process for onboarding new customers and users onto the GMS and EE applications. They described the process as quite manual, having to individually invite new users to the applications and ensure they were getting the correct level. What should've taken a few hours to do was taking much longer due to larger customers with complex user role needs.

↪︎ Current Workflows

Participants detailed their workflows for onboarding new users, managing existing users and roles, and deleting users from the applications. They had reminders set up at the end of the week to set aside a couple of hours just to edit existing users' roles and change their levels. They also described how it was extremely easy to remove a user and there were no guardrails against doing so. Re-adding a deleted user was a challenging process particularly due to the fact that they couldn't get any historical information on removed users and their previous level.

↪︎ Submittable's default levels

Participants shared their thoughts of Submittable's default levels. They thought the 5 levels were extremely limited and very rigid. Bigger customers always wanted to create their own custom roles and have the ability to go in and quickly edit the permissions per role. Some customers even mentioned that they need to have specific roles at a project-level, which was another layer of complexity. Many mentioned that competitors had a simple way of adding custom roles too.

Pain Points

From my research I was able to identify the following pain points that were common among users:

1

The default levels were limited

Submittable's default levels 1-5 were too limited and didn't provide the customization users needed

2

Setting specific permissions

Users wanted to set specific permissions and access per role. They couldn't edit the default levels in any way, shape, or form

3

Onboarding was inefficient

Onboarding new users and customers was a manual and long process, taking the implementation team much longer than it should have

Making Meaning of the Data

After the research stage, I parsed through the takeaways and key findings to begin brainstorming how I could tackle an RBAC feature and address the users’ frustrations.

I conducted several brainstorming workshops with the product team and engineers to begin mapping out the various user paths and ensure everything was being tied back to the appropriate features within the applications.

These sessions were imperative as they helped me find the clearest flows and remove any redundant or confusing steps.

Low Fidelity Sketches

I played around with a couple of ideas to create custom roles, taking inspiration from searching and viewing an organization profile in the admin tool. User feedback helped me validate the designs and I was able to narrow down my ideas from there.

Mid Fidelity Design Iterations

I started introducing elements and components to the designs as well as creating complex prototypes to visualize the user flow. User feedback sessions and design reviews helped me iterate on the designs and validate we were heading in the right direction.

Usability Study Findings

Throughout the project, I conducted rounds of usability studies. The initial round assessed the functionality of the user flow and architecture. The next rounds consisted around my high-fidelity prototypes and identifying areas where the mockups needed refinement or was confusing.

Takeaways & Insights

Achievements:

  • Participants loved how easy it was to turn on certain permissions for new roles

  • The user flow for creating a new custom role was intuitive and simple

  • Almost all participants mentioned that this would save time and energy when onboarding new users

Challenges:

  • It was unclear which permissions were locked vs. unlocked

  • Confusion around why certain permissions were locked

  • A few participants warned that customers would try to abuse the feature and create lots of new roles that weren't necessary

Final Designs

After going through a few cycles of design iterations and testing, the final designs were completed.

Reflection

I had certain expectations going into this project, however, throughout the design stages, I learned it was quite complicated with the numerous ways roles and permissions tied together with other features in the application. Maintaining an open-door policy and fostering collaboration played a crucial role. Feedback with cross functional teams and teamwork was the key to delivering a seamless handoff of the final designs.

1

Successful Collaboration

This feature is still being built, but it was a big success in terms of cross-functional collaboration and testing it with users and internal teams

2

Improving the GMS application

In addition to building this feature in the admin tool, we'll be improving the look and feel of the "Manage Team" page in the GMS application for current users

3

Customization for users

This feature will give our users much-needed customization for their structure and needs, improving their overall user experience

RBAC Case Study

This project introduced a custom roles and permissions feature for seamless access control.

Timeline

Aug 2024 - Present

Role

Design Lead

Responsibilities

User Research

Information Architecture

Design Ideation

Usability Testing