Custom RBAC & Plan Enforcement

Released: April 19, 2026

A controls release that adds custom roles, permission-aware UI gating, and end-to-end plan-limit enforcement.

New

  • Custom roles. Admins can define org-scoped roles beyond the built-in owner / admin / member / viewer set, with granular permissions per resource type. Custom roles can be assigned at invite time, so new members land with the right access from their first login.
  • usePermissions hook + <Can> component. Pages and UI elements now declare the permission they need; gating is automatic and consistent across the app. No more rendering buttons users can't use.
  • Plan-limit enforcement. Server-side middleware (requirePlan, requireUsageLimit) blocks API calls that exceed the active org's plan; the frontend mirrors the same limits via <PlanGate> and <UpgradeCTA> so users see a clear upgrade path before they try the action.
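To make the custom-roles model concrete, here is an added example (not the product's own code) of org-scoped roles resolved to "resource:action" grants with deny-by-default checks. The built-in role names owner / admin / member / viewer come from the notes above; the permission strings, resource types, `createRoleRegistry` and `can` helpers are assumptions for illustration. The check returns false for an unknown role, for a custom role used outside the org that defined it, and for any grant that does not match, which is the behaviour a `<Can>`-style gate should rely on.

```javascript
// Added example, not the product's code. Built-in roles named on the page;
// the permission strings and resource types are constructed for illustration.
const BUILT_IN_ROLES = {
  owner: ["*:*"],
  admin: ["project:*", "member:*", "billing:read"],
  member: ["project:read", "project:write"],
  viewer: ["project:read"],
};

// Grants are "<resource>:<action>"; "*" is allowed in either position.
const GRANT_SHAPE = /^([a-z]+|\*):([a-z]+|\*)$/;

// Custom roles are org-scoped: a role defined by org A is never resolvable
// from org B, and a custom role cannot shadow a built-in name.
function createRoleRegistry() {
  const custom = new Map(); // orgId -> Map(roleName -> grants[])
  return {
    defineCustomRole(orgId, name, grants) {
      if (name in BUILT_IN_ROLES) {
        throw new Error(`cannot redefine built-in role ${name}`);
      }
      for (const g of grants) {
        if (!GRANT_SHAPE.test(g)) throw new Error(`malformed grant ${g}`);
      }
      if (!custom.has(orgId)) custom.set(orgId, new Map());
      custom.get(orgId).set(name, [...grants]);
    },
    // Returns null for an unknown role so callers cannot mistake it for "no grants".
    grantsFor(orgId, roleName) {
      if (roleName in BUILT_IN_ROLES) return BUILT_IN_ROLES[roleName];
      return custom.get(orgId)?.get(roleName) ?? null;
    },
  };
}

// Deny by default: unknown role, wrong org, or no matching grant -> false.
function can(registry, { orgId, role }, resource, action) {
  const grants = registry.grantsFor(orgId, role);
  if (!grants) return false;
  return grants.some((g) => {
    const [r, a] = g.split(":");
    return (r === "*" || r === resource) && (a === "*" || a === action);
  });
}
```

The same `can` function can back both the server authorization check and a client-side `<Can>` component; the UI gate only decides what to render, while the server call is the one that must refuse.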

Improved

  • Frontend plan gating primitives. <PlanGate feature="...">, <UpgradeCTA>, <PlanBadge>, and the usePlanGate hook collapse what was scattered conditional logic into a single consistent pattern.
  • Nav badges for paywalled sections. Sidebar items show a small plan badge (e.g. "Team") when the feature requires an upgrade, so users discover the boundary without surprise on the destination page.
  • Plan limits as a single source of truth. server/services/planLimits.js and client/src/config/planConfig.js keep limits in sync; the backend enforces, the frontend hints.

Fixed

  • usePlanGate now fails open during org load. If the active org isn't loaded yet (cold render), the hook returns "allowed" instead of flashing the upgrade CTA. The backend still enforces every limit, so this only changes what is rendered, and it removes the "you don't have access" flicker on every page load.
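The split described across the plan-limit items and this fix, one limit table shared by server and client, a server middleware that fails closed, and a client gate that fails open only while the org is loading, as an added example that is not the product's code. The middleware names `requirePlan` and `requireUsageLimit` are taken from the notes; the plan names, feature names, limits, the 403 responses, the `planGate` helper and the Express-style `runMiddleware` harness are assumptions constructed for illustration.

```javascript
// Added example, not the product's code. Plans, features and limits below
// are constructed; only the middleware names come from the release notes.
const PLAN_LIMITS = {
  free: { features: new Set(["projects"]), maxProjects: 3 },
  team: { features: new Set(["projects", "sso"]), maxProjects: 50 },
};

// Shared pure decisions: the same functions run on the server and in the
// client bundle so the UI hint cannot drift from what the API enforces.
// An unknown plan is treated as having no features and no quota.
function planAllows(plan, feature) {
  const limits = PLAN_LIMITS[plan];
  return Boolean(limits && limits.features.has(feature));
}
function underUsageLimit(plan, metric, current) {
  const limits = PLAN_LIMITS[plan];
  return Boolean(limits && Number.isInteger(limits[metric]) && current < limits[metric]);
}

// Server side (Express-style (req, res, next)). An earlier auth step attaches
// req.org; if it is missing, the request is DENIED. The server is the
// enforcement point, so it never falls back to "allowed".
function requirePlan(feature) {
  return (req, res, next) => {
    const plan = req.org?.plan;
    if (!plan || !planAllows(plan, feature)) {
      return res.status(403).json({ error: "plan_required", feature });
    }
    next();
  };
}
// currentUsage(orgId, metric) -> number; synchronous here to keep the example small.
function requireUsageLimit(metric, currentUsage) {
  return (req, res, next) => {
    const plan = req.org?.plan;
    if (!plan) return res.status(403).json({ error: "org_not_loaded" });
    const current = currentUsage(req.org.id, metric);
    if (!underUsageLimit(plan, metric, current)) {
      return res.status(403).json({ error: "usage_limit", metric, limit: PLAN_LIMITS[plan][metric] });
    }
    next();
  };
}

// Client side: while the org is still loading (undefined), report allowed so
// the upgrade CTA does not flash. This is safe only because the middleware
// above still rejects the request; once loaded, the shared decision applies.
function planGate(activeOrg, feature) {
  if (activeOrg === undefined) return { allowed: true, loading: true };
  return { allowed: planAllows(activeOrg.plan, feature), loading: false };
}

// Minimal stand-in for Express so the middleware can be exercised offline.
function runMiddleware(mw, req) {
  let result = null;
  const res = {
    statusCode: 200,
    status(code) { this.statusCode = code; return this; },
    json(body) { result = { status: this.statusCode, body, passed: false }; return this; },
  };
  mw(req, res, () => { result = { status: 200, body: null, passed: true }; });
  return result;
}
```

Note the asymmetry: `planGate` returns allowed when `activeOrg` is undefined, but `requirePlan` and `requireUsageLimit` return 403 when `req.org` is missing. That is the property a reviewer should check whenever a client gate is allowed to fail open.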