Roles & Permissions Experience
Designing an intuitive and robust self-service experience to increase team efficiency and eliminate financial losses
Company & Team
TaskRabbit is an online marketplace that connects clients with Taskers who can help with everyday tasks, such as cleaning, moving, and handyman work.
A lot of the aspects involved in a task/job are controlled and monitored through our internal tools. For this system to work, these tools need to be in top shape. I worked as the lead product designer on the Tools team to make our system safer, more efficient, and transparent.
Problem
The Admin permissions were not granular enough to restrict access to certain features and prevent user errors. A promo code incorrectly created cost the company $20,000 in losses.
Design Goal
Design a more granular permissions system by applying the RBAC (Role-Based Access Control) model while creating an intuitive user experience to accommodate the newly created 732 permissions.
Old Permissions page
The old permissions page was only accessible to the tools team and behaved like a spreadsheet, but worse, given that you weren’t able to freeze a column or row to help with information scanning and comprehension. Also, this wasn’t necessarily a user-facing experience (only for Tools), so we had to design the new experience from scratch.
Design Process
1. Understanding Our Users
To understand which roles and permissions should be created, we interviewed every team at TaskRabbit and sent out a survey to everyone.
Managers 👩🏻💼🧑🏾💼
Need an easy way to understand the permissions available so they can grant their teams the access they need to get their job done.
Employees 👩🏼💻👨🏾💻
Need to understand the risk of having access to certain permissions and when to request more access.
Tools team 🧑🏻🔧👩🏽🔧
Wants users to be autonomous so engineers can focus on higher priority items, such as P1 bugs.
2. Creating the framework
Once we had a good understanding of our user needs, we started working on defining the roles and permissions for each team in this spreadsheet.
2. Brainstorming and Wireframing
CDS: Creative Design Studio
At TaskRabbit, we start big projects by getting our team together to brainstorm potential solutions to the problem. The team involves the design lead, PM, engineering lead, and stakeholders. In this project, we had members of the Customer Support and Trust & Safety team participating.
Early Explorations
Some of my sketches from CDS
Design Progress
Sidebar navigation
One of my main goals was to help users focus on the actions they needed to accomplish, as quickly as possible. This option gives users a way to quickly navigate across all roles while being able to access the Members and Permissions within each role. However, while we understand the benefit of letting users explore other roles, we realized that most users had the goal of going to their specific role and being able to perform the actions expected within that role. The key was to create a “contained” experience, which gives them everything they need within their role. I also wasn’t convinced that this was the best I could do in terms of UI.
Exploring an experience with sidebar navigation for Roles and the ability to see Members and Permissions all within a single page
Permissions Table
This was an early exploration I did before we understood that the level of granularity shown here wouldn’t suffice our needs. Our permissions access tiers don’t fit within these 4 categories only. The “Edit” access, for example, means different things in each permission. As a user, you might be able to edit part of a specific permission but not the other.
Showing the access level of permissions with a table layout
Member cards
This design was prototyped and tested with users. While visually appealing, the cards made it slightly more time-consuming for users to scan the page's content and required more screen real estate.
The cards draw the users’ attention to the members' photos and make the XP more visually appealing
Collapsible permission cards
Finding the best way to show permissions was a big challenge, especially considering that there are 732 permissions in total. While this layout saves screen real estate by making each permission group collapsible, it doesn’t make it easy for users to view permissions at a first glance.
3. High-Fidelity & Prototyping
Moving into high-fidelity, I decided to prototype two different options for usability testing sessions. We decided to test the most common/important flows for our power users.
Flow 1: Adding members to a role
Flow 2: Cloning existing role to create a temporary one
4. User Testing Insights
✘ It wasn’t clear to users whether they were seeing permissions for that role specifically or all available within the system
Showing the unchecked/checked boxes wasn’t sufficient to communicate granted versus not-granted permissions
✘ Users spent more time on the layout with cards compared to lists
✘ Users were not sure whether they should “Create” or “Clone” a role
5. Iteration
✓ Adopted the list layout for easier comprehension
✓ Improved how we display permissions
Final Design
Impact
✓ Reduced managers’ time on getting employees access to a new permission from 1 day to a few minutes.
✓ More granular permissions (732 total) will lower the chances of major user errors (high financial impact). Since the launch, no major user errors have occurred.
✓ Built a scalable system that can accommodate growth and remote teams.