Should you manage roles and permissions with a UI?

Just about every application needs the concept of roles and permissions. Often, there's a desire to allow non-developers to manage roles and permissions in the application interface, but is that a good idea?

  • (00:00) - Roles and permissions landscape
  • (01:45) - A UI for managing permissions?
  • (04:14) - Rolling out new permissions via migrations
  • (06:45) - What about managing roles in a UI?
  • (09:00) - Covering permissions in tests
  • (10:30) - Maybe a read only UI?
  • (10:55) - Silly bit

Check out the validation worksheet at
No Compromises, LLC