diff options
Diffstat (limited to 'doc/user/project/members')
| -rw-r--r-- | doc/user/project/members/index.md | 23 | ||||
| -rw-r--r-- | doc/user/project/members/share_project_with_groups.md | 26 |
2 files changed, 33 insertions, 16 deletions
diff --git a/doc/user/project/members/index.md b/doc/user/project/members/index.md index ff5f2ac8cb6..4a6272a0ca3 100644 --- a/doc/user/project/members/index.md +++ b/doc/user/project/members/index.md @@ -15,7 +15,7 @@ Project members can: 1. Be [direct members](#add-users-to-a-project) of the project. 1. [Inherit membership](#inherited-membership) of the project from the project's group. 1. Be a member of a group that was [shared](share_project_with_groups.md) with the project. -1. Be a member of a group that was [shared with the project's group](../../group/index.md#share-a-group-with-another-group). +1. Be a member of a group that was [shared with the project's group](../../group/manage.md#share-a-group-with-another-group). ```mermaid flowchart RL @@ -49,11 +49,22 @@ flowchart RL [Feature flag `invite_members_group_modal`](https://gitlab.com/gitlab-org/gitlab/-/issues/352526) removed. Add users to a project so they become members and have permission -to perform actions. The Owner [role](../../permissions.md#project-members-permissions) can only be added at the group level. +to perform actions. + +The maximum role (access level) you set depends on if you have the Owner or Maintainer role for the group. For example, the maximum +role that can be set is: + +- Owner (`50`), if you have the Owner role for the project. +- Maintainer (`40`), if you have the Maintainer role on the project. + +In GitLab 14.8 and earlier, direct members of a project have a maximum role of Maintainer. +The Owner [role](../../permissions.md#project-members-permissions) can only be added at the group level. Prerequisite: -- You must have the Maintainer or Owner role. +- You must have the Maintainer or Owner role: + - To remove direct members with the Maintainer role and below, you must have the Maintainer role. + - To remove members with the Owner role, you must have the Owner role. To add a user to a project: @@ -91,7 +102,7 @@ Each user's access is based on: Prerequisite: - You must have the Maintainer or Owner role. -- Sharing the project with other groups must not be [prevented](../../group/index.md#prevent-a-project-from-being-shared-with-groups). +- Sharing the project with other groups must not be [prevented](../../group/access_and_permissions.md#prevent-a-project-from-being-shared-with-groups). To add groups to a project: @@ -107,7 +118,7 @@ The members of the group are not displayed on the **Members** tab. The **Members** tab shows: - Members who are directly assigned to the project. -- If the project was created in a group [namespace](../../group/index.md#namespaces), members of that group. +- If the project was created in a group [namespace](../../namespace/index.md), members of that group. ## Import users from another project @@ -173,7 +184,7 @@ To remove a member from a project: user has not forked the private repository or created webhooks. Existing forks continue to receive changes from the upstream project, and webhooks continue to receive updates. You may also want to configure your project to prevent projects in a group - [from being forked outside their group](../../group/index.md#prevent-project-forking-outside-group). + [from being forked outside their group](../../group/access_and_permissions.md#prevent-project-forking-outside-group). 1. Select **Remove member**. ## Filter and sort members diff --git a/doc/user/project/members/share_project_with_groups.md b/doc/user/project/members/share_project_with_groups.md index c4ae00f3c6c..3d5b855a9d3 100644 --- a/doc/user/project/members/share_project_with_groups.md +++ b/doc/user/project/members/share_project_with_groups.md @@ -29,7 +29,7 @@ You can share a project only with: - Groups for which you have an explicitly defined [membership](index.md). - Groups that contain a nested subgroup or project for which you have an explicitly defined role. -Administrators can share projects with any group in the namespace. +Administrators can share projects with any group in the instance. The primary mechanism to give a group of users, say 'Engineering', access to a project, say 'Project Acme', in GitLab is to make the 'Engineering' group the owner of 'Project @@ -52,7 +52,7 @@ After sharing 'Project Acme' with 'Engineering': When you share a project, be aware of the following restrictions and outcomes: - [Maximum access level](#maximum-access-level) -- [Sharing a public project with a private group](#share-a-public-project-with-private-group) +- [Sharing projects with groups of a higher restrictive visibility level](#sharing-projects-with-groups-of-a-higher-restrictive-visibility-level) - [Sharing project with group lock](#share-project-with-group-lock) ## Maximum access level @@ -67,18 +67,24 @@ in. That means you can only share down the hierarchy. For example, `group/subgro - Can not be shared with `group`. - Can be shared with `group/subgroup02` or `group/subgroup01/subgroup03`. -## Share a public project with private group +## Sharing projects with groups of a higher restrictive visibility level -When you share a public project with a private group, be aware of the following outcomes: +There are several outcomes you must be aware of when you share a project with a group that has a more restrictive [visibility level](../../public_access.md#project-and-group-visibility) than the project. For example, when you: -- The name of the group is no longer private and is visible to all users in the project members page. -- Owners of the project have access to members of the private group when they mention them in issues or merge requests. -- Project members who are direct or indirect members of the private group can see private group members listed in addition to members of the project. +- Share a public project with a private group. +- Share a public project with an internal group. +- Share an internal project with a private group. + +The following outcomes occur: + +- The group name is visible to all users that can view the project members page. +- Owners of the project have access to members of the group when they mention them in issues or merge requests. +- Project members who are direct or indirect members of the group can see group members listed in addition to members of the project. ## Share project with group lock -It is possible to prevent projects in a group from [sharing -a project with another group](../members/share_project_with_groups.md). +It is possible to prevent projects in a group from +[sharing a project with another group](../members/share_project_with_groups.md). This allows for tighter control over project access. -Learn more about [Share with group lock](../../group/index.md#prevent-a-project-from-being-shared-with-groups). +Learn more about [Share with group lock](../../group/access_and_permissions.md#prevent-a-project-from-being-shared-with-groups). |