It would be useful to add more control through custom roles for Managers where you can restrict their control to just a single collection rather than all assigned collections.
This would be useful in situations that I have come across where a user needed the ability to add and remove user access to a single short-term collection (for a current project for example), but I did not want them to be able to edit access for all other collections they had been assigned to.
This would remove any additional admin from myself for something as small as this
100% this. Having managers be managers everywhere ruins some really great organizational structures for an organization with multiple teams.
Letβs say my organization has 2 teams within it. I am a manager of my own team, but I am just a normal user for other systems being shared with me. Now, by the other team sharing a collection with me, I am now their manager as well. I can kick them off their own collection, add users they didnβt want to share with, etc.
If I ever want to offer Bitwarden as-a-Service within my company, there needs to be more granular permissions that allow self-service and independence between teams.
In a recent release, collection permissions have been expanded so that each collection has their own set of permissions and there is no longer a broad Manager role. So, IT manager can have Can manage permission to the IT collection while only having Can view permission to the Marketing collection.
Very excited to allow users to create and manage their own collections!