diff options
Diffstat (limited to 'doc/user/custom_roles/abilities.md')
-rw-r--r-- | doc/user/custom_roles/abilities.md | 64 |
1 files changed, 51 insertions, 13 deletions
diff --git a/doc/user/custom_roles/abilities.md b/doc/user/custom_roles/abilities.md index 3e74fcc5a7d..d117a495798 100644 --- a/doc/user/custom_roles/abilities.md +++ b/doc/user/custom_roles/abilities.md @@ -1,9 +1,19 @@ --- stage: Govern group: Authorization -info: To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments +info: "To determine the technical writer assigned to the Stage/Group associated with this page, see https://handbook.gitlab.com/handbook/product/ux/technical-writing/#assignments" --- +<!--- + This documentation is auto generated by a Rake task. + + Please do not edit this file directly. To update this file, run: + bundle exec rake gitlab:custom_roles:compile_docs + + To make changes to the output of the Rake task, + edit `tooling/custom_roles/docs/templates/custom_abilities.md.erb`. +---> + # Available custom abilities The following abilities are available. You can add these abilities in any combination @@ -13,15 +23,43 @@ Some abilities require having other abilities enabled first. For example, admini These requirements are documented in the `Required ability` column in the following table. -| Ability | Version | Required ability | Description | -| ------------------------------- | -----------------------| -------------------- | ----------- | -| `read_code` | [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/106256) in GitLab 15.7 [with a flag](../../administration/feature_flags.md) named `customizable_roles`. [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/114524) in GitLab 15.10.| Not applicable | View project code. Does not include the ability to pull code. | -| `read_vulnerability` | [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/10160) in GitLab 16.1 [with a flag](../../administration/feature_flags.md) named `custom_roles_vulnerability`. [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/124049) in GitLab 16.2. | Not applicable | View [vulnerability reports](../application_security/vulnerability_report/index.md). | -| `admin_vulnerability` | [Introduced in GitLab 16.1](https://gitlab.com/gitlab-org/gitlab/-/issues/412536). | `read_vulnerability` | Change the [status of vulnerabilities](../application_security/vulnerabilities/index.md#vulnerability-status-values). | -| `read_dependency` | [Introduced in GitLab 16.3](https://gitlab.com/gitlab-org/gitlab/-/issues/415255). | Not applicable | View [project dependencies](../application_security/dependency_list/index.md). | -| `admin_merge_request` | [Introduced in GitLab 16.4](https://gitlab.com/gitlab-org/gitlab/-/issues/412708). | Not applicable | View and approve [merge requests](../project/merge_requests/index.md), revoke merge request approval, and view the associated merge request code. <br> Does not allow users to view or change merge request approval rules. | -| `manage_project_access_tokens` | [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/421778) in GitLab 16.5 [with a flag](../../administration/feature_flags.md) named `manage_project_access_tokens` | Not applicable | Create, delete, and list [project access tokens](../project/settings/project_access_tokens.md). | -| `admin_group_member` | [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/17364) in GitLab 16.5 | Not applicable | Add or remove [group members](../group/manage.md). | -| `archive_project` | [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/425957) in GitLab 16.7 | Not applicable | [Archive and unarchive projects](../project/settings/migrate_projects.md#archive-a-project). | -| `remove_project` | [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/425959) in GitLab 16.8 | Not applicable | [Delete projects](../project/working_with_projects.md#delete-a-project). | -| `manage_group_access_tokens` | [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/428353) in GitLab 16.8 | Not applicable | [Create, delete, and list group access tokens](../group/settings/group_access_tokens.md). | +## Code review workflow + +| Name | Required permission | Description | Introduced in | Feature flag | Enabled in | +|:-----|:------------|:------------------|:---------|:--------------|:---------| +| [`admin_merge_request`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/128302) | | Allows approval of merge requests. | GitLab [16.4](https://gitlab.com/gitlab-org/gitlab/-/issues/412708) | | | +| [`read_code`](https://gitlab.com/gitlab-org/gitlab/-/issues/376180) | | Allows read-only access to the source code. | GitLab [15.7](https://gitlab.com/gitlab-org/gitlab/-/issues/20277) | `customizable_roles` | GitLab [15.9](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/110810) | + +## Group and projects + +| Name | Required permission | Description | Introduced in | Feature flag | Enabled in | +|:-----|:------------|:------------------|:---------|:--------------|:---------| +| [`admin_group_member`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/131914) | | Allows admin of group members. | GitLab [16.5](https://gitlab.com/gitlab-org/gitlab/-/issues/17364) | `admin_group_member` | GitLab [16.6](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/136247) | + +## Groups and projects + +| Name | Required permission | Description | Introduced in | Feature flag | Enabled in | +|:-----|:------------|:------------------|:---------|:--------------|:---------| +| [`archive_project`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/134998) | | Allows archiving of projects. | GitLab [16.6](https://gitlab.com/gitlab-org/gitlab/-/issues/425957) | `archive_project` | GitLab [16.7](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/139260) | +| [`remove_project`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/139696) | | Allows deletion of projects. | GitLab [16.8](https://gitlab.com/gitlab-org/gitlab/-/issues/425959) | | | + +## Infrastructure as code + +| Name | Required permission | Description | Introduced in | Feature flag | Enabled in | +|:-----|:------------|:------------------|:---------|:--------------|:---------| +| [`admin_terraform_state`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/140759) | | Allows to admin terraform state | GitLab [16.8](https://gitlab.com/gitlab-org/gitlab/-/issues/421789) | | | + +## System access + +| Name | Required permission | Description | Introduced in | Feature flag | Enabled in | +|:-----|:------------|:------------------|:---------|:--------------|:---------| +| [`manage_group_access_tokens`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/140115) | | Allows manage access to the group access tokens. | GitLab [16.8](https://gitlab.com/gitlab-org/gitlab/-/issues/428353) | | | +| [`manage_project_access_tokens`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/132342) | | Allows manage access to the project access tokens. | GitLab [16.5](https://gitlab.com/gitlab-org/gitlab/-/issues/421778) | `manage_project_access_tokens` | GitLab [16.8](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/141294) | + +## Vulnerability management + +| Name | Required permission | Description | Introduced in | Feature flag | Enabled in | +|:-----|:------------|:------------------|:---------|:--------------|:---------| +| [`admin_vulnerability`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/121534) | read_vulnerability | Allows admin access to the vulnerability reports. | GitLab [16.1](https://gitlab.com/gitlab-org/gitlab/-/issues/412536) | | | +| [`read_dependency`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/126247) | | Allows read-only access to the dependencies. | GitLab [16.3](https://gitlab.com/gitlab-org/gitlab/-/issues/415255) | | | +| [`read_vulnerability`](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/120704) | | Allows read-only access to the vulnerability reports. | GitLab [16.1](https://gitlab.com/gitlab-org/gitlab/-/issues/399119) | | | |