As redirection.io is becoming more and more used by large organizations, the roles and permissions orchestration within a project can become quite challenging to set up. Moreover, redirection.io offers a large panel of actions and empowers our customers with many new possibilities towards the traffic of their website... and with great power come a great responsibility 🙂
Some large organizations requested the ability to restrict permissions by path, to prevent customers to manage the traffic outside the site sections under their responsibility. Several use-case were suggested:
- in international contexts, it can be desirable that various users of the same project can only manage disjoint parts of the website. For example, the French marketing team should be authorized to manage redirects under
/fr, but not under
/uk, which should be reserved respectively to the German and British teams
- the customers support team of a company should be able to manage the rules under the
/faq path, while the
/shop part of the website should only be managed by the eCommerce team
We have therefore introduced a new concept: the project segmentation. From now on, "Pro" plan projects can define segments at the project level, which help organize rules and can be used to restrict the permissions of users within the project.
How to create project segments¶
Organization and project Administrators can add, edit and delete segments under the "Segments" tab, in the project settings:
In order to add a segment, click on the "Add a segment" button, and fill in the form:
You can add as many conditions as you want: all the rules for which the "Source URL" starts with one of the provided strings will be considered as part of the segment. This means that several segments can share some URLs. It also means that a segment can be a restriction on a given domain, or even on a given protocol (scheme).
How to restrict a member to one or several segments¶
Once segments have been defined, project members can be attached to one or more segments, to restrict their rules edition permissions. It is even possible to define a segment restriction directly when inviting a user in the project:
Go to the "members" tab, on the project settings screen. Hit the "Invite another user", and choose either the "Contributor" or "Publisher" role. The "Segments restrictions" dropdown appears and lets you choose one or more segments that must be attached to this user once the invitation will be accepted.
The segments are displayed on the members list
A user with segment restrictions will only be allowed to create rules for which the "Source URL" starts with one of its segments contraints.
Segment-restricted users have limited actions:
- they cannot create or edit rules for which the Source URL does not match their segment restrictions
- they cannot mark for deletion rules that are not part of their segments
- a Publisher with segment restriction can only publish rules within their segment. If some draft rules are not part of the Publisher segment(s), they won't be published, and will remain untouched
- a Publisher with segment restrictions cannot rollback to a previous version of the ruleset, as this could introduce changes outside his segment restrictions
Bonus: filter the rules based on their segment¶
Whatever their segment restrictions, all the project members can see the list of all the rules that have been configured in the project. However, as a user it can sometimes be useful to list only the rules that you can edit - so, a new "Segment" filter has been added in the rules list screen. It allows to isolate the rules that are specific to one or more segments:
With this new "segments" feature, redirection.io adds a new layer of fine-grained administration capabilities, to help delegate the traffic management to several entities within large organizations and websites. The feature is available as of today for all the "Pro" organizations!
➡ Read the full documentation about Project segments