Roles and Permissions
Bytebase has two disjoint set of roles:
    1.
    Workspace roles: Owner, DBA, Developer
    2.
    Project roles: Owner, Developer
Workspace role and project role are disjoint, which means a Workspace Owner does not automatically assume a Project Owner. One must be granted a separate Project Owner role in order to obtain project specific permissions.
Except there is a break-glass rule, the Workspace Owner can also manage Project Role. You may wonder does it defeat the purpose of having disjoint workspace and project roles? We design this way because for most of the time, the Workspace Owner does not need to deal with any particular project, so it's prudent to limit the permissions to prevent mistakes. On the other hand, it may happen the Project needs to perform emergent admin operations and all existing Project Owners are not available, then the Workspace Owner can jump in.

Workspace roles

By default, the first registered user is granted the Owner role, all following registered users are granted Developer role. Owner can update any user's role later.
Workspace level permission
Developer
DBA
Owner
Change own name and password
βœ”οΈ
βœ”οΈ
βœ”οΈ
View all members
βœ”οΈ
βœ”οΈ
βœ”οΈ
View all environments
βœ”οΈ
βœ”οΈ
βœ”οΈ
View all instances
βœ”οΈ
βœ”οΈ
βœ”οΈ
Create database
βœ”οΈ
βœ”οΈ
βœ”οΈ
View all databases
βœ”οΈ
βœ”οΈ
βœ”οΈ
View all projects
βœ”οΈ
βœ”οΈ
βœ”οΈ
Create project
βœ”οΈ
βœ”οΈ
βœ”οΈ
View all issues
βœ”οΈ
βœ”οΈ
βœ”οΈ
Add comment to all issues
βœ”οΈ
βœ”οΈ
βœ”οΈ
Subscribe to all issues
βœ”οΈ
βœ”οΈ
βœ”οΈ
Alter schema
βœ”οΈ
βœ”οΈ
βœ”οΈ
Add environment
​
βœ”οΈ
βœ”οΈ
Edit environment
​
βœ”οΈ
βœ”οΈ
Reorder environment
​
βœ”οΈ
βœ”οΈ
Archive environment
​
βœ”οΈ
βœ”οΈ
Add instance
​
βœ”οΈ
βœ”οΈ
Edit instance
​
βœ”οΈ
βœ”οΈ
Archive instance
​
βœ”οΈ
βœ”οΈ
Sync instance schema
​
βœ”οΈ
βœ”οΈ
Re-assign issue
​
βœ”οΈ
βœ”οΈ
Become issue assignee
​
βœ”οΈ
βœ”οΈ
Add new user
​
​
βœ”οΈ
Change any user's role
​
​
βœ”οΈ
De-activate/re-activate user
​
​
βœ”οΈ
Change any user's name and password
​
​
βœ”οΈ
​
​
βœ”οΈ
Manage version control system (VCS) provider
​
​
βœ”οΈ

Project roles

Any user can create project. By default, the project creator is granted the Project Owner role.
Project Developer does not have any additional project level permissions. It's for the sidebar to list the projects where the user is a member, as well as the databases belonged to those projects.
Project level permission
Project Developer
Project Owner
Workspace Owner
Change any user's project role
​
βœ”οΈ
βœ”οΈ
Edit project
​
βœ”οΈ
​
Archive project
​
βœ”οΈ
​
Configure UI/Version control workflow
​
βœ”οΈ
​

Database permissions

Bytebase does not define database specific roles. Whether a user can perform certain action to the database is based on the user's Workspace role and the role of the project owning the database.
Database level permission
Project Developer
Project Owner
Workspace Developer
Workspace DBA
Workspace Owner
Take manual backup
βœ”οΈ
βœ”οΈ
​
βœ”οΈ
βœ”οΈ
Transfer database
​
βœ”οΈ
​
βœ”οΈ
βœ”οΈ
Enable backup
​
βœ”οΈ
​
βœ”οΈ
βœ”οΈ
Last modified 2mo ago