diff options
Diffstat (limited to 'doc/user')
| -rw-r--r-- | doc/user/permissions.md | 109 | ||||
| -rw-r--r-- | doc/user/search/img/group_issues_filter.png | bin | 0 -> 45288 bytes | |||
| -rw-r--r-- | doc/user/search/index.md | 8 |
3 files changed, 98 insertions, 19 deletions
diff --git a/doc/user/permissions.md b/doc/user/permissions.md index 555b0cf77ea..dcf210e1085 100644 --- a/doc/user/permissions.md +++ b/doc/user/permissions.md @@ -5,17 +5,17 @@ particular group or project. If a user is both in a group's project and the project itself, the highest permission level is used. On public and internal projects the Guest role is not enforced. All users will -be able to create issues, leave comments, and pull or download the project code. +be able to create issues, leave comments, and clone or download the project code. -When a member leaves the team the all assigned Issues and Merge Requests +When a member leaves the team all the assigned [Issues](project/issues/index.md) and [Merge Requests](project/merge_requests/index.md) will be unassigned automatically. -GitLab administrators receive all permissions. +GitLab [administrators](../README.md#administrator-documentation) receive all permissions. To add or import a user, you can follow the [project members documentation](../user/project/members/index.md). -## Project +## Project members permissions The following table depicts the various user permission levels in a project. @@ -75,7 +75,58 @@ The following table depicts the various user permission levels in a project. | Remove protected branches [^3] | | | | | | | Remove pages | | | | | ✓ | -## Group +## Project features permissions + +### Wiki and issues + +Project features like wiki and issues can be hidden from users depending on +which visibility level you select on project settings. + +- Disabled: disabled for everyone +- Only team members: only team members will see even if your project is public or internal +- Everyone with access: everyone can see depending on your project visibility level + +### Protected branches + +To prevent people from messing with history or pushing code without +review, we've created protected branches. Read through the documentation on +[protected branches](project/protected_branches.md) +to learn more. + +Additionally, you can allow or forbid users with Master and/or +Developer permissions to push to a protected branch. Read through the documentation on +[Allowed to Merge and Allowed to Push settings](project/protected_branches.md#using-the-allowed-to-merge-and-allowed-to-push-settings) +to learn more. + +### Cycle Analytics permissions + +Find the current permissions on the Cycle Analytics dashboard on +the [documentation on Cycle Analytics permissions](project/cycle_analytics.md#permissions). + +### Issue Board permissions + +Developers and users with higher permission level can use all +the functionality of the Issue Board, that is create/delete lists +and drag issues around. Read though the +[documentation on Issue Boards permissions](project/issue_board.md#permissions) +to learn more. + +### File Locking permissions (EEP) + +The user that locks a file or directory is the only one that can edit and push their changes back to the repository where the locked objects are located. + +Read through the documentation on [permissions for File Locking](https://docs.gitlab.com/ee/user/project/file_lock.html#permissions-on-file-locking) to learn more. + +File Locking is available in +[GitLab Enterprise Edition Premium](https://about.gitlab.com/gitlab-ee/) only. + +### Confidential Issues permissions + +Confidential issues can be accessed by reporters and higher permission levels, +as well as by guest users that create a confidential issue. To learn more, +read through the documentation on [permissions and access to confidential issues](project/issues/confidential_issues.md#permissions-and-access-to-confidential-issues). + +## Group members permissions Any user can remove themselves from a group, unless they are the last Owner of the group. The following table depicts the various user permission levels in a @@ -91,7 +142,16 @@ group. | Remove group | | | | | ✓ | | Manage group labels | | ✓ | ✓ | ✓ | ✓ | -## External Users +### Subgroup permissions + +When you add a member to a subgroup, they inherit the membership and +permission level from the parent group. This model allows access to +nested groups if you have membership in one of its parents. + +To learn more, read through the documentation on +[subgroups memberships](group/subgroups/index.md#membership). + +## External users permissions In cases where it is desired that a user has access only to some internal or private projects, there is the option of creating **External Users**. This @@ -115,18 +175,9 @@ will find the option to flag the user as external. By default new users are not set as external users. This behavior can be changed by an administrator under **Admin > Application Settings**. -## Project features - -Project features like wiki and issues can be hidden from users depending on -which visibility level you select on project settings. - -- Disabled: disabled for everyone -- Only team members: only team members will see even if your project is public or internal -- Everyone with access: everyone can see depending on your project visibility level - -## GitLab CI +## GitLab CI/CD permissions -GitLab CI permissions rely on the role the user has in GitLab. There are four +GitLab CI/CD permissions rely on the role the user has in GitLab. There are four permission levels in total: - admin @@ -134,7 +185,7 @@ permission levels in total: - developer - guest/reporter -The admin user can perform any action on GitLab CI in scope of the GitLab +The admin user can perform any action on GitLab CI/CD in scope of the GitLab instance and project. In addition, all admins can use the admin interface under `/admin/runners`. @@ -150,7 +201,7 @@ instance and project. In addition, all admins can use the admin interface under | See events in the system | | | | ✓ | | Admin interface | | | | ✓ | -### Jobs permissions +### Job permissions >**Note:** GitLab 8.12 has a completely redesigned job permissions system. @@ -174,6 +225,26 @@ users: | Push container images to current project | | ✓ | ✓ | ✓ | | Push container images to other projects | | | | | +### New CI job permissions model + +GitLab 8.12 has a completely redesigned job permissions system. To learn more, +read through the documentation on the [new CI/CD permissions model](project/new_ci_build_permissions_model.md#new-ci-job-permissions-model). + +## LDAP users permissions + +Since GitLab 8.15, LDAP user permissions can now be manually overridden by an admin user. +Read through the documentation on [LDAP users permissions](https://docs.gitlab.com/ee/articles/how_to_configure_ldap_gitlab_ee/index.html#updating-user-permissions-new-feature) to learn more. + +## Auditor users permissions (EEP) + +An Auditor user should be able to access all projects and groups of a GitLab instance +with the permissions described on the documentation on [auditor users permissions](https://docs.gitlab.com/ee/administration/auditor_users.html#permissions-and-restrictions-of-an-auditor-user). + +Auditor users are available in [GitLab Enterprise Edition Premium](https://about.gitlab.com/gitlab-ee/) +only. + +---- + [^1]: Guest users can only view the confidential issues they created themselves [^2]: If **Public pipelines** is enabled in **Project Settings > Pipelines** [^3]: Not allowed for Guest, Reporter, Developer, Master, or Owner diff --git a/doc/user/search/img/group_issues_filter.png b/doc/user/search/img/group_issues_filter.png Binary files differnew file mode 100644 index 00000000000..45eced79b99 --- /dev/null +++ b/doc/user/search/img/group_issues_filter.png diff --git a/doc/user/search/index.md b/doc/user/search/index.md index 6d59dcc6c75..79f34fd29ba 100644 --- a/doc/user/search/index.md +++ b/doc/user/search/index.md @@ -40,6 +40,14 @@ The same process is valid for merge requests. Navigate to your project's **Merge and click **Search or filter results...**. Merge requests can be filtered by author, assignee, milestone, and label. +## Issues and merge requests per group + +Similar to **Issues and merge requests per project**, you can also search for issues +within a group. Navigate to a group's **Issues** tab and query search results in +the same way as you do for projects. + + + ## Search history You can view recent searches by clicking on the little arrow-clock icon, which is to the left of the search input. Click the search entry to run that search again. This feature is available for issues and merge requests. Searches are stored locally in your browser. |
