diff options
| author | GitLab Bot <gitlab-bot@gitlab.com> | 2022-03-18 23:02:30 +0300 |
|---|---|---|
| committer | GitLab Bot <gitlab-bot@gitlab.com> | 2022-03-18 23:02:30 +0300 |
| commit | 41fe97390ceddf945f3d967b8fdb3de4c66b7dea (patch) | |
| tree | 9c8d89a8624828992f06d892cd2f43818ff5dcc8 /doc/development/permissions.md | |
| parent | 0804d2dc31052fb45a1efecedc8e06ce9bc32862 (diff) | |
Add latest changes from gitlab-org/gitlab@14-9-stable-eev14.9.0-rc42
Diffstat (limited to 'doc/development/permissions.md')
| -rw-r--r-- | doc/development/permissions.md | 25 |
1 files changed, 21 insertions, 4 deletions
diff --git a/doc/development/permissions.md b/doc/development/permissions.md index a5d211a5d2e..47aebc2f4d2 100644 --- a/doc/development/permissions.md +++ b/doc/development/permissions.md @@ -9,6 +9,23 @@ info: To determine the technical writer assigned to the Stage/Group associated w There are multiple types of permissions across GitLab, and when implementing anything that deals with permissions, all of them should be considered. +## Instance + +### User types + +Each user can be one of the following types: + +- Regular. +- External - access to groups and projects only if direct member. +- [Internal users](internal_users.md) - system created. +- [Auditor](https://gitlab.com/gitlab-org/gitlab/-/blob/master/ee/app/policies/ee/base_policy.rb#L9): + - No access to projects or groups settings menu. + - No access to Admin Area. + - Read-only access to everything else. +- [Administrator](https://gitlab.com/gitlab-org/gitlab/-/blob/master/app/policies/base_policy.rb#L6) - read-write access. + +See the [permissions page](../user/permissions.md) for details on how each user type is used. + ## Groups and Projects ### General permissions @@ -38,7 +55,7 @@ Additionally, the following project features can have different visibility level - Issues - Repository - - Merge Request + - Merge request - Forks - Pipelines - Analytics @@ -124,9 +141,9 @@ into different features like Merge Requests and CI flow. | View | License information | Dependency list, License Compliance | Can view repository | | View | Dependency information | Dependency list, License Compliance | Can view repository | | View | Vulnerabilities information | Dependency list | Can view security findings | -| View | Black/Whitelisted licenses for the project | License Compliance, Merge request | Can view repository | -| View | Security findings | Merge Request, CI job page, Pipeline security tab | Can read the project and CI jobs | -| View | Vulnerability feedback | Merge Request | Can read security findings | +| View | Black/Whitelisted licenses for the project | License Compliance, merge request | Can view repository | +| View | Security findings | merge request, CI job page, Pipeline security tab | Can read the project and CI jobs | +| View | Vulnerability feedback | merge request | Can read security findings | | View | Dependency List page | Project | Can access Dependency information | | View | License Compliance page | Project | Can access License information| |