diff options
author | GitLab Bot <gitlab-bot@gitlab.com> | 2020-06-18 14:18:50 +0300 |
---|---|---|
committer | GitLab Bot <gitlab-bot@gitlab.com> | 2020-06-18 14:18:50 +0300 |
commit | 8c7f4e9d5f36cff46365a7f8c4b9c21578c1e781 (patch) | |
tree | a77e7fe7a93de11213032ed4ab1f33a3db51b738 /doc/development/permissions.md | |
parent | 00b35af3db1abfe813a778f643dad221aad51fca (diff) |
Add latest changes from gitlab-org/gitlab@13-1-stable-ee
Diffstat (limited to 'doc/development/permissions.md')
-rw-r--r-- | doc/development/permissions.md | 25 |
1 files changed, 16 insertions, 9 deletions
diff --git a/doc/development/permissions.md b/doc/development/permissions.md index 0772389bf9e..06a4a03de38 100644 --- a/doc/development/permissions.md +++ b/doc/development/permissions.md @@ -14,7 +14,7 @@ Groups and projects can have the following visibility levels: - private (`0`) - an entity is visible only to the approved members of the entity The visibility level of a group can be changed only if all subgroups and -subprojects have the same or lower visibility level. (e.g., a group can be set +sub-projects have the same or lower visibility level. (e.g., a group can be set to internal only if all subgroups and projects are internal or private). Visibility levels can be found in the `Gitlab::VisibilityLevel` module. @@ -41,11 +41,12 @@ can be accessed only by project members by default. Users can be members of multiple groups and projects. The following access levels are available (defined in the `Gitlab::Access` module): -- Guest -- Reporter -- Developer -- Maintainer -- Owner +- No access (`0`) +- Guest (`10`) +- Reporter (`20`) +- Developer (`30`) +- Maintainer (`40`) +- Owner (`50`) If a user is the member of both a project and the project parent group, the higher permission is taken into account for the project. @@ -56,6 +57,12 @@ can still view the groups and their entities (like epics). Project membership (where the group membership is already taken into account) is stored in the `project_authorizations` table. +CAUTION: **Caution:** +Due to [an issue](https://gitlab.com/gitlab-org/gitlab/-/issues/219299), +projects in personal namespace will not show owner (`50`) permission in +`project_authorizations` table. Note however that [`user.owned_projects`](https://gitlab.com/gitlab-org/gitlab/blob/0d63823b122b11abd2492bca47cc26858eee713d/app/models/user.rb#L906-916) +is calculated properly. + ### Confidential issues Confidential issues can be accessed only by project members who are at least @@ -92,10 +99,10 @@ into different features like Merge Requests and CI flow. | Activity level | Resource | Locations |Permission dependency| |----------------|----------|-----------|-----| -| View | License information | Dependency list, License Compliance | Can view repo | -| View | Dependency information | Dependency list, License Compliance | Can view repo | +| View | License information | Dependency list, License Compliance | Can view repository | +| View | Dependency information | Dependency list, License Compliance | Can view repository | | View | Vulnerabilities information | Dependency list | Can view security findings | -| View | Black/Whitelisted licenses for the project | License Compliance, Merge request | Can view repo | +| View | Black/Whitelisted licenses for the project | License Compliance, Merge request | Can view repository | | View | Security findings | Merge Request, CI job page, Pipeline security tab | Can read the project and CI jobs | | View | Vulnerability feedback | Merge Request | Can read security findings | | View | Dependency List page | Project | Can access Dependency information | |