diff options
Diffstat (limited to 'doc/user')
58 files changed, 182 insertions, 163 deletions
diff --git a/doc/user/admin_area/settings/visibility_and_access_controls.md b/doc/user/admin_area/settings/visibility_and_access_controls.md index 82e0d3d27d4..bc0a6f9af97 100644 --- a/doc/user/admin_area/settings/visibility_and_access_controls.md +++ b/doc/user/admin_area/settings/visibility_and_access_controls.md @@ -7,12 +7,12 @@ type: reference # Control access and visibility **(FREE SELF)** -GitLab enables users with the [Administrator role](../../permissions.md) to enforce +GitLab enables users with the Administrator access level to enforce specific controls on branches, projects, snippets, groups, and more. To access the visibility and access control options: -1. Sign in to GitLab as a user with [Administrator role](../../permissions.md). +1. Sign in to GitLab as a user with Administrator access level. 1. On the top bar, select **Menu > Admin**. 1. On the left sidebar, select **Settings > General**. 1. Expand the **Visibility and access controls** section. @@ -29,7 +29,7 @@ or configure [branch protection for groups](../../group/index.md#change-the-defa To change the default branch protection for the entire instance: -1. Sign in to GitLab as a user with [Administrator role](../../permissions.md). +1. Sign in to GitLab as a user with Administrator access level. 1. On the top bar, select **Menu > Admin**. 1. On the left sidebar, select **Settings > General**. 1. Expand the **Visibility and access controls** section. @@ -55,7 +55,7 @@ can be overridden on a per-group basis by the group's owner. In [GitLab Premium or higher](https://about.gitlab.com/pricing/), GitLab administrators can disable this privilege for group owners, enforcing the instance-level protection rule: -1. Sign in to GitLab as a user with [Administrator role](../../permissions.md). +1. Sign in to GitLab as a user with Administrator access level. 1. On the top bar, select **Menu > Admin**. 1. On the left sidebar, select **Settings > General**. 1. Expand the **Visibility and access controls** section. @@ -71,7 +71,7 @@ Instance-level protections for project creation define which roles can [add projects to a group](../../group/index.md#specify-who-can-add-projects-to-a-group) on the instance. To alter which roles have permission to create projects: -1. Sign in to GitLab as a user with [Administrator role](../../permissions.md). +1. Sign in to GitLab as a user with Administrator access level. 1. On the top bar, select **Menu > Admin**. 1. On the left sidebar, select **Settings > General**. 1. Expand the **Visibility and access controls** section. @@ -86,7 +86,7 @@ on the instance. To alter which roles have permission to create projects: Anyone with the **Owner** role, either at the project or group level, can delete a project. To allow only users with the Administrator role to delete projects: -1. Sign in to GitLab as a user with [Administrator role](../../permissions.md). +1. Sign in to GitLab as a user with Administrator access level. 1. On the top bar, select **Menu > Admin**. 1. On the left sidebar, select **Settings > General**. 1. Expand the **Visibility and access controls** section. @@ -137,7 +137,7 @@ Alternatively, projects that are marked for removal can be deleted immediately. To set the default [visibility levels for new projects](../../../public_access/public_access.md): -1. Sign in to GitLab as a user with [Administrator role](../../permissions.md). +1. Sign in to GitLab as a user with Administrator access level. 1. On the top bar, select **Menu > Admin**. 1. On the left sidebar, select **Settings > General**. 1. Expand the **Visibility and access controls** section. @@ -152,7 +152,7 @@ To set the default [visibility levels for new projects](../../../public_access/p To set the default visibility levels for new [snippets](../../snippets.md): -1. Sign in to GitLab as a user with [Administrator role](../../permissions.md). +1. Sign in to GitLab as a user with Administrator access level. 1. On the top bar, select **Menu > Admin**. 1. On the left sidebar, select **Settings > General**. 1. Expand the **Visibility and access controls** section. @@ -166,7 +166,7 @@ For more details on snippet visibility, read To set the default visibility levels for new groups: -1. Sign in to GitLab as a user with [Administrator role](../../permissions.md). +1. Sign in to GitLab as a user with Administrator access level. 1. On the top bar, select **Menu > Admin**. 1. On the left sidebar, select **Settings > General**. 1. Expand the **Visibility and access controls** section. @@ -183,7 +183,7 @@ For more details on group visibility, see To restrict visibility levels for projects, snippets, and selected pages: -1. Sign in to GitLab as a user with [Administrator role](../../permissions.md). +1. Sign in to GitLab as a user with Administrator access level. 1. On the top bar, select **Menu > Admin**. 1. On the left sidebar, select **Settings > General**. 1. Expand the **Visibility and access controls** section. @@ -200,7 +200,7 @@ For more details on project visibility, see You can specify from which hosting sites users can [import their projects](../../project/import/index.md): -1. Sign in to GitLab as a user with [Administrator role](../../permissions.md). +1. Sign in to GitLab as a user with Administrator access level. 1. On the top bar, select **Menu > Admin**. 1. On the left sidebar, select **Settings > General**. 1. Expand the **Visibility and access controls** section. @@ -212,7 +212,7 @@ You can specify from which hosting sites users can [import their projects](../.. To enable the export of [projects and their data](../../../user/project/settings/import_export.md#export-a-project-and-its-data): -1. Sign in to GitLab as a user with [Administrator role](../../permissions.md). +1. Sign in to GitLab as a user with Administrator access level. 1. On the top bar, select **Menu > Admin**. 1. On the left sidebar, select **Settings > General**. 1. Expand the **Visibility and access controls** section. @@ -228,7 +228,7 @@ The GitLab restrictions apply at the application level. To specify the enabled Git access protocols: -1. Sign in to GitLab as a user with [Administrator role](../../permissions.md). +1. Sign in to GitLab as a user with Administrator access level. 1. On the top bar, select **Menu > Admin**. 1. On the left sidebar, select **Settings > General**. 1. Expand the **Visibility and access controls** section. diff --git a/doc/user/analytics/code_review_analytics.md b/doc/user/analytics/code_review_analytics.md index 066b45aeb39..18a6ca20bc7 100644 --- a/doc/user/analytics/code_review_analytics.md +++ b/doc/user/analytics/code_review_analytics.md @@ -17,7 +17,7 @@ requests, and: - Take action on individual merge requests. - Reduce overall cycle time. -Code Review Analytics is available to users with at least the Reporter [role](../permissions.md), and displays a table of open merge requests that have at least one non-author comment. The review time is measured from the time the first non-author comment was submitted. +Code Review Analytics is available to users with at least the Reporter role, and displays a table of open merge requests that have at least one non-author comment. The review time is measured from the time the first non-author comment was submitted. NOTE: Initially, no data appears. Data is populated as users comment on open merge requests. diff --git a/doc/user/analytics/merge_request_analytics.md b/doc/user/analytics/merge_request_analytics.md index bb110ab495f..82177259c30 100644 --- a/doc/user/analytics/merge_request_analytics.md +++ b/doc/user/analytics/merge_request_analytics.md @@ -116,4 +116,4 @@ bookmark for those preferred settings in your browser. The **Merge Request Analytics** feature can be accessed only: - On [GitLab Premium](https://about.gitlab.com/pricing/) and above. -- By users with at least the Reporter [role](../permissions.md). +- By users with at least the Reporter role. diff --git a/doc/user/analytics/productivity_analytics.md b/doc/user/analytics/productivity_analytics.md index e1ba2f5565e..be710f8cbd7 100644 --- a/doc/user/analytics/productivity_analytics.md +++ b/doc/user/analytics/productivity_analytics.md @@ -65,7 +65,7 @@ request is merged. Select the dropdown to view: The right-side histogram shows the size or complexity of a merge request. Select the dropdown to view: - + - Number of commits per merge request. - Number of lines of code (LOC) per commit. - Number of files touched. @@ -103,4 +103,4 @@ You can filter analytics based on a date range. To filter results: The **Productivity Analytics** dashboard can be accessed only: - On [GitLab Premium](https://about.gitlab.com/pricing/) and above. -- By users with at least the Reporter [role](../permissions.md). +- By users with at least the Reporter role. diff --git a/doc/user/application_security/dast/index.md b/doc/user/application_security/dast/index.md index aeaa93f4a85..5d365491e30 100644 --- a/doc/user/application_security/dast/index.md +++ b/doc/user/application_security/dast/index.md @@ -588,6 +588,28 @@ Using the [`DAST_MASK_HTTP_HEADERS` CI/CD variable](#available-cicd-variables), headers whose values you want masked. For details on how to mask headers, see [Customizing the DAST settings](#customize-dast-settings). +#### Use Mutual TLS + +> [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/299596) in GitLab 14.8. + +Mutual TLS allows a target application server to verify that requests are from a known source. Browser-based scans do not support Mutual TLS. + +**Requirements** + +- Base64-encoded PKCS12 certificate +- Password of the base64-encoded PKCS12 certificate + +To enable Mutual TLS: + +1. If the PKCS12 certificate is not already base64-encoded, convert it to base64 encoding. For security reasons, we recommend encoding the certificate locally, **not** using a web-hosted conversion service. For example, to encode the certificate on either macOS or Linux: + + ```shell + base64 <path-to-pkcs12-certificate-file> + ``` + +1. Create a [masked variable](../../../ci/variables/index.md) named `DAST_PKCS12_CERTIFICATE_BASE64` and store the base64-encoded PKCS12 certificate's value in that variable. +1. Create a masked variable `DAST_PKCS12_PASSWORD` and store the PKCS12 certificate's password in that variable. + #### Available CI/CD variables These CI/CD variables are specific to DAST. They can be used to customize the behavior of DAST to your requirements. @@ -623,6 +645,8 @@ These CI/CD variables are specific to DAST. They can be used to customize the be | `DAST_PASSWORD_FIELD` <sup>1,2</sup> | string | The selector of password field at the sign-in HTML form. Example: `id:password` | | `DAST_PATHS` | string | Set to a comma-separated list of URLs for DAST to scan. For example, `/page1.html,/category1/page3.html,/page2.html`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/214120) in GitLab 13.4. | | `DAST_PATHS_FILE` | string | The file path containing the paths within `DAST_WEBSITE` to scan. The file must be plain text with one path per line. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/258825) in GitLab 13.6. | +| `DAST_PKCS12_CERTIFICATE_BASE64` | string | The PKCS12 certificate used for sites that require Mutual TLS. Must be encoded as base64 text. | +| `DAST_PKCS12_PASSWORD` | string | The password of the certificate used in `DAST_PKCS12_CERTIFICATE_BASE64`. | | `DAST_REQUEST_HEADERS` <sup>1</sup> | string | Set to a comma-separated list of request header names and values. Headers are added to every request made by DAST. For example, `Cache-control: no-cache,User-Agent: DAST/1.0` | | `DAST_SKIP_TARGET_CHECK` | boolean | Set to `true` to prevent DAST from checking that the target is available before scanning. Default: `false`. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/229067) in GitLab 13.8. | | `DAST_SPIDER_MINS` <sup>1</sup> | number | The maximum duration of the spider scan in minutes. Set to `0` for unlimited. Default: One minute, or unlimited when the scan is a full scan. [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12652) in GitLab 13.1. | diff --git a/doc/user/application_security/iac_scanning/index.md b/doc/user/application_security/iac_scanning/index.md index 0142a6d9623..89d3531bccd 100644 --- a/doc/user/application_security/iac_scanning/index.md +++ b/doc/user/application_security/iac_scanning/index.md @@ -36,12 +36,15 @@ GitLab IaC scanning supports a variety of IaC configuration files. Our IaC secur |------------------------------------------|----------------------------------|-------------------------------| | Ansible | [KICS](https://kics.io/) | 14.5 | | AWS CloudFormation | [KICS](https://kics.io/) | 14.5 | +| Azure Resource Manager <sup>1</sup> | [KICS](https://kics.io/) | 14.5 | | Dockerfile | [KICS](https://kics.io/) | 14.5 | | Google Deployment Manager | [KICS](https://kics.io/) | 14.5 | | Kubernetes | [KICS](https://kics.io/) | 14.5 | | OpenAPI | [KICS](https://kics.io/) | 14.5 | | Terraform | [KICS](https://kics.io/) | 14.5 | +1. IaC scanning can analyze Azure Resource Manager templates in JSON format. If you write templates in the [Bicep](https://docs.microsoft.com/en-us/azure/azure-resource-manager/bicep/overview) language, you must use [the bicep CLI](https://docs.microsoft.com/en-us/azure/azure-resource-manager/bicep/bicep-cli) to convert your Bicep files into JSON before GitLab IaC scanning can analyze them. + ### Making IaC analyzers available to all GitLab tiers All open source (OSS) analyzers are available with the GitLab Free tier. Future proprietary analyzers may be restricted to higher tiers. diff --git a/doc/user/application_security/index.md b/doc/user/application_security/index.md index 94373346f15..9511b365cf6 100644 --- a/doc/user/application_security/index.md +++ b/doc/user/application_security/index.md @@ -218,7 +218,7 @@ An approval is optional when the security report: the rule's severity levels. - Contains a vulnerability count equal to or less than what the rule allows. -Project members assigned [at least the Maintainer role](../permissions.md#project-members-permissions) can enable or edit +Project members with at least the Maintainer role can enable or edit the Vulnerability-Check rule. #### Enable the Vulnerability-Check rule diff --git a/doc/user/clusters/agent/install/index.md b/doc/user/clusters/agent/install/index.md index 532501e69d4..f94fd21089a 100644 --- a/doc/user/clusters/agent/install/index.md +++ b/doc/user/clusters/agent/install/index.md @@ -157,7 +157,7 @@ information to the cluster automatically without downtime. ## View your Agents -If you have the [Developer role](../../../permissions.md) or above, you can access the Agent's +If you have at least the Developer role, you can access the Agent's configuration repository and view the Agent's list: 1. On the left sidebar, select **Infrastructure > Kubernetes clusters**. diff --git a/doc/user/clusters/cost_management.md b/doc/user/clusters/cost_management.md index 14850ca85b3..c99eef385ce 100644 --- a/doc/user/clusters/cost_management.md +++ b/doc/user/clusters/cost_management.md @@ -22,7 +22,7 @@ insights within GitLab: ## Configure cluster cost management -To get started with cluster cost management, you need the [Maintainer role](../permissions.md) in a project or group. +To get started with cluster cost management, you need the Maintainer role for a project or group. 1. Clone the [`kubecost-cost-model`](https://gitlab.com/gitlab-examples/kubecost-cost-model/) example repository, which contains minor modifications to the upstream Kubecost diff --git a/doc/user/compliance/license_compliance/index.md b/doc/user/compliance/license_compliance/index.md index 04d3cc0595e..1c874c01884 100644 --- a/doc/user/compliance/license_compliance/index.md +++ b/doc/user/compliance/license_compliance/index.md @@ -772,7 +772,7 @@ Developers of the project can view the policies configured in a project. Prerequisites: -- Maintainer or Owner [role](../../permissions.md#project-members-permissions). +- Maintainer or Owner role. `License-Check` is a [merge request approval](../../project/merge_requests/approvals/index.md) rule you can enable to allow an individual or group to approve a merge request that contains a `denied` diff --git a/doc/user/discussions/index.md b/doc/user/discussions/index.md index 7831fdff249..37047e9f8d0 100644 --- a/doc/user/discussions/index.md +++ b/doc/user/discussions/index.md @@ -115,8 +115,7 @@ You can use [Markdown](../markdown.md) and [quick actions](../project/quick_acti You can edit your own comment at any time. -Anyone with the [Maintainer role](../permissions.md) or -higher can also edit a comment made by someone else. +Anyone with at least the Maintainer role can also edit a comment made by someone else. ## Prevent comments by locking an issue @@ -209,7 +208,7 @@ When you reply to a standard comment, you create a thread. Prerequisites: -- You must have at least the [Guest role](../permissions.md#project-members-permissions). +- You must have at least the Guest role. - You must be in an issue, merge request, or epic. Threads in commits and snippets are not supported. To create a thread by replying to a comment: @@ -231,7 +230,7 @@ You can create a thread without replying to a standard comment. Prerequisites: -- You must have at least the [Guest role](../permissions.md#project-members-permissions). +- You must have at least the Guest role. - You must be in an issue, merge request, commit, or snippet. To create a thread: @@ -253,7 +252,7 @@ In a merge request, you can resolve a thread when you want to finish a conversat Prerequisites: -- You must have at least the [Developer role](../permissions.md#project-members-permissions) +- You must have at least the Developer role or be the author of the change being reviewed. - Resolvable threads can be added only to merge requests. It doesn't work for comments in issues, commits, or snippets. diff --git a/doc/user/group/custom_project_templates.md b/doc/user/group/custom_project_templates.md index 2214a18475a..00e6bc671c1 100644 --- a/doc/user/group/custom_project_templates.md +++ b/doc/user/group/custom_project_templates.md @@ -24,7 +24,7 @@ You can also configure [custom templates for the instance](../admin_area/custom_ Prerequisite: -- You must have the [Owner role for the group](../permissions.md#group-members-permissions). +- You must have the Owner role for the group. To set up custom project templates in a group, add the subgroup that contains the project templates to the group settings: diff --git a/doc/user/group/devops_adoption/index.md b/doc/user/group/devops_adoption/index.md index 4151745189d..e570f40d8e6 100644 --- a/doc/user/group/devops_adoption/index.md +++ b/doc/user/group/devops_adoption/index.md @@ -32,7 +32,7 @@ how to use those features. Prerequisite: -- You must have at least the [Reporter role](../../permissions.md) for the group. +- You must have at least the Reporter role for the group. To view DevOps Adoption: diff --git a/doc/user/group/epics/epic_boards.md b/doc/user/group/epics/epic_boards.md index d184030718a..f03a56d8a00 100644 --- a/doc/user/group/epics/epic_boards.md +++ b/doc/user/group/epics/epic_boards.md @@ -24,7 +24,7 @@ To view an epic board: Prerequisites: -- You must have at least the [Reporter role](../../permissions.md#group-members-permissions) for a group. +- You must have at least the Reporter role for a group. To create a new epic board: @@ -49,7 +49,7 @@ To change these options later, [edit the board](#edit-the-scope-of-an-epic-board Prerequisites: -- You must have at least the [Reporter role](../../permissions.md#group-members-permissions) for a group. +- You must have at least the Reporter role for a group. - A minimum of two boards present in a group. To delete the active epic board: @@ -73,7 +73,7 @@ To delete the active epic board: Prerequisites: -- You must have at least the [Reporter role](../../permissions.md#group-members-permissions) for a group. +- You must have at least the Reporter role for a group. To create a new list: @@ -91,7 +91,7 @@ list view that's removed. You can always create it again later if you need. Prerequisites: -- You must have at least the [Reporter role](../../permissions.md#group-members-permissions) for a group. +- You must have at least the Reporter role for a group. To remove a list from an epic board: @@ -106,7 +106,7 @@ To remove a list from an epic board: Prerequisites: -- You must have at least the [Reporter role](../../permissions.md#group-members-permissions) for a group. +- You must have at least the Reporter role for a group. - You must have [created a list](#create-a-new-list) first. To create an epic from a list in epic board: @@ -147,7 +147,7 @@ You can move epics and lists by dragging them. Prerequisites: -- You must have at least the [Reporter role](../../permissions.md#group-members-permissions) for a group. +- You must have at least the Reporter role for a group. To move an epic, select the epic card and drag it to another position in its current list or into another list. Learn about possible effects in [Dragging epics between lists](#dragging-epics-between-lists). @@ -170,7 +170,7 @@ and the target list. Prerequisites: -- You must have at least the [Reporter role](../../permissions.md#group-members-permissions) for a group. +- You must have at least the Reporter role for a group. To edit the scope of an epic board: diff --git a/doc/user/group/epics/manage_epics.md b/doc/user/group/epics/manage_epics.md index caca10a05a2..91565b40ee8 100644 --- a/doc/user/group/epics/manage_epics.md +++ b/doc/user/group/epics/manage_epics.md @@ -83,7 +83,7 @@ To edit an epic's start date, due date, or labels: > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/7250) in GitLab 12.2. -Users with at least the [Reporter role](../../permissions.md) can manage epics. +Users with at least the Reporter role can manage epics. When bulk editing epics in a group, you can edit their labels. @@ -98,8 +98,7 @@ To update multiple epics at the same time: ## Delete an epic NOTE: -To delete an epic, you must be an [Owner](../../permissions.md#group-members-permissions) of a group -or subgroup. +To delete an epic, you must be an Owner of a group or subgroup. To delete the epic: diff --git a/doc/user/group/index.md b/doc/user/group/index.md index d48d71e783c..78a82ac3bd1 100644 --- a/doc/user/group/index.md +++ b/doc/user/group/index.md @@ -138,7 +138,7 @@ your group. ## Change the owner of a group You can change the owner of a group. Each group must always have at least one -member with the [Owner role](../permissions.md#group-members-permissions). +member with the Owner role. - As an administrator: 1. Go to the group and from the left menu, select **Group information > Members**. @@ -153,7 +153,7 @@ member with the [Owner role](../permissions.md#group-members-permissions). Prerequisites: -- You must have the [Owner role](../permissions.md#group-members-permissions). +- You must have the Owner role. - The member must have direct membership in the group. If membership is inherited from a parent group, then the member can be removed from the parent group only. @@ -250,7 +250,7 @@ There are two different ways to add a new project to a group: > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/2534) in GitLab 10.5. > - [Moved](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/25975) from GitLab Premium to GitLab Free in 11.10. -By default, [Developers and Maintainers](../permissions.md#group-members-permissions) can create projects under a group. +By default, users with at least the Developer role can create projects under a group. To change this setting for a specific group: @@ -534,7 +534,7 @@ disabled for the group and its subgroups. Prerequisite: -- You must be assigned the [Owner role](../permissions.md#group-members-permissions) for the group. +- You must be assigned the Owner role) for the group. To specify a user cap: @@ -556,7 +556,7 @@ You can remove the user cap, so there is no limit on the number of members you c Prerequisite: -- You must be assigned the [Owner role](../permissions.md#group-members-permissions) for the group. +- You must be assigned the Owner role) for the group. To remove the user cap: @@ -575,7 +575,7 @@ and must be approved. Prerequisite: -- You must be assigned the [Owner role](../permissions.md#group-members-permissions) for the group. +- You must be assigned the Owner role) for the group. To approve members that are pending because they've exceeded the user cap: diff --git a/doc/user/group/iterations/index.md b/doc/user/group/iterations/index.md index 8a79effba15..c0bd6f1a672 100644 --- a/doc/user/group/iterations/index.md +++ b/doc/user/group/iterations/index.md @@ -52,7 +52,7 @@ With iteration cadences enabled, you must first Prerequisites: -- You must have at least the [Developer role](../../permissions.md) for a group. +- You must have at least the Developer role for a group. To create an iteration cadence: @@ -65,7 +65,7 @@ To create an iteration cadence: Prerequisites: -- You must have at least the [Developer role](../../permissions.md) for a group. +- You must have at least the Developer role for a group. Deleting an iteration cadence also deletes all iterations within that cadence. @@ -86,7 +86,7 @@ From there you can create a new iteration or select an iteration to get a more d Prerequisites: -- You must have at least the [Developer role](../../permissions.md) for a group. +- You must have at least the Developer role for a group. For manually scheduled iteration cadences, you create and add iterations yourself. @@ -104,7 +104,7 @@ To create an iteration: Prerequisites: -- You must have at least the [Developer role](../../permissions.md) for a group. +- You must have at least the Developer role for a group. To edit an iteration, select the three-dot menu (**{ellipsis_v}**) > **Edit**. @@ -114,7 +114,7 @@ To edit an iteration, select the three-dot menu (**{ellipsis_v}**) > **Edit**. Prerequisites: -- You must have at least the [Developer role](../../permissions.md) for a group. +- You must have at least the Developer role for a group. To delete an iteration, select the three-dot menu (**{ellipsis_v}**) > **Delete**. diff --git a/doc/user/group/settings/import_export.md b/doc/user/group/settings/import_export.md index 5745c499c5c..7b63466656d 100644 --- a/doc/user/group/settings/import_export.md +++ b/doc/user/group/settings/import_export.md @@ -16,7 +16,7 @@ You can also [export projects](../../project/settings/import_export.md). Prerequisite: -- You must have the [Owner role](../../permissions.md) for the group. +- You must have the Owner role for the group. To enable import and export for a group: @@ -69,7 +69,7 @@ in GitLab 14.6 and replaced by [GitLab Migration](../import/). Prerequisites: -- You must have the [Owner role](../../permissions.md) for the group. +- You must have the Owner role for the group. To export the contents of a group: diff --git a/doc/user/group/subgroups/index.md b/doc/user/group/subgroups/index.md index 8d5f639767a..46dea81ae9f 100644 --- a/doc/user/group/subgroups/index.md +++ b/doc/user/group/subgroups/index.md @@ -158,7 +158,7 @@ added to), add the user to the new subgroup again with a higher set of permissio For example, if User 1 was first added to group `one/two` with Developer permissions, then they inherit those permissions in every other subgroup -of `one/two`. To give them the [Maintainer role](../../permissions.md) for group `one/two/three/four`, +of `one/two`. To give them the Maintainer role for group `one/two/three/four`, you would add them again in that group as Maintainer. Removing them from that group, the permissions fall back to those of the ancestor group. diff --git a/doc/user/infrastructure/iac/mr_integration.md b/doc/user/infrastructure/iac/mr_integration.md index 1b754288032..95ca478a383 100644 --- a/doc/user/infrastructure/iac/mr_integration.md +++ b/doc/user/infrastructure/iac/mr_integration.md @@ -16,7 +16,7 @@ enabling you to see statistics about the resources that Terraform creates, modifies, or destroys. WARNING: -Like any other job artifact, Terraform Plan data is viewable by anyone with the Guest [role](../../permissions.md) on the repository. +Like any other job artifact, Terraform Plan data is viewable by anyone with the Guest role for the repository. Neither Terraform nor GitLab encrypts the plan file by default. If your Terraform Plan includes sensitive data such as passwords, access tokens, or certificates, we strongly recommend encrypting plan output or modifying the project visibility settings. diff --git a/doc/user/infrastructure/iac/terraform_state.md b/doc/user/infrastructure/iac/terraform_state.md index a57d094d59c..d386cd93ae4 100644 --- a/doc/user/infrastructure/iac/terraform_state.md +++ b/doc/user/infrastructure/iac/terraform_state.md @@ -33,11 +33,13 @@ before using this feature. ## Permissions for using Terraform -In GitLab version 13.1, the [Maintainer role](../../permissions.md) was required to use a -GitLab managed Terraform state backend. In GitLab versions 13.2 and greater, the -[Maintainer role](../../permissions.md) is required to lock, unlock, and write to the state -(using `terraform apply`), while the [Developer role](../../permissions.md) is required to read -the state (using `terraform plan -lock=false`). +In GitLab version 13.1, the Maintainer role was required to use a +GitLab managed Terraform state backend. + +In GitLab versions 13.2 and later: + +- The Maintainer role is required to lock, unlock, and write to the state (using `terraform apply`). +- The Developer role is required to read the state (using `terraform plan -lock=false`). ## Set up GitLab-managed Terraform state @@ -205,7 +207,7 @@ and the CI YAML file: The output from the above `terraform` commands should be viewable in the job logs. WARNING: -Like any other job artifact, Terraform plan data is viewable by anyone with the Guest [role](../../permissions.md) on the repository. +Like any other job artifact, Terraform plan data is viewable by anyone with the Guest role on the repository. Neither Terraform nor GitLab encrypts the plan file by default. If your Terraform plan includes sensitive data such as passwords, access tokens, or certificates, GitLab strongly recommends encrypting plan output or modifying the project visibility settings. @@ -255,7 +257,7 @@ An example setup is shown below: Outputs from the data source can now be referenced in your Terraform resources using `data.terraform_remote_state.example.outputs.<OUTPUT-NAME>`. -You need at least the [Developer role](../../permissions.md) in the target project +You need at least the Developer role in the target project to read the Terraform state. ## Migrating to GitLab Managed Terraform state @@ -365,7 +367,7 @@ location. You can then go back to running it in GitLab CI/CD. > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/273592) in GitLab 13.8. -Users with Developer and greater [permissions](../../permissions.md) can view the +Users with at least the Developer role can view the state files attached to a project at **Infrastructure > Terraform**. Users with the Maintainer role can perform commands on the state files. The user interface contains these fields: @@ -404,7 +406,7 @@ curl --header "Private-Token: <your_access_token>" --request DELETE "https://git ## Remove a state file -Users with Maintainer and greater [permissions](../../permissions.md) can use the +Users with at least the Maintainer role can use the following options to remove a state file: - **GitLab UI**: Go to **Infrastructure > Terraform**. In the **Actions** column, diff --git a/doc/user/packages/dependency_proxy/index.md b/doc/user/packages/dependency_proxy/index.md index 97cf4419bb8..925a1b3e8e6 100644 --- a/doc/user/packages/dependency_proxy/index.md +++ b/doc/user/packages/dependency_proxy/index.md @@ -93,9 +93,8 @@ You can authenticate using: - A [personal access token](../../../user/profile/personal_access_tokens.md) with the scope set to `read_registry` and `write_registry`. - A [group deploy token](../../../user/project/deploy_tokens/index.md#group-deploy-token) with the scope set to `read_registry` and `write_registry`. -Users accessing the Dependency Proxy with a personal access token or username and password require -at least [Guest membership](../../permissions.md#group-members-permissions) -to the group they pull images from. +Users accessing the Dependency Proxy with a personal access token or username and password must +have at least the Guest role for the group they pull images from. #### SAML SSO diff --git a/doc/user/project/deploy_keys/index.md b/doc/user/project/deploy_keys/index.md index 2e876b24b53..57f6efa3092 100644 --- a/doc/user/project/deploy_keys/index.md +++ b/doc/user/project/deploy_keys/index.md @@ -29,7 +29,7 @@ repository in automation, it's a simple solution. A drawback is that your repository could become vulnerable if a remote machine is compromised by a hacker. You should limit access to the remote machine before a deploy key is enabled on your repository. A good rule to follow is to provide access only to trusted users, -and make sure that the allowed users have at least the [Maintainer role](../../permissions.md) +and make sure that the allowed users have at least the Maintainer role in the GitLab project. If this security implication is a concern for your organization, diff --git a/doc/user/project/deploy_tokens/index.md b/doc/user/project/deploy_tokens/index.md index f57fa5aa57d..4d69209aafa 100644 --- a/doc/user/project/deploy_tokens/index.md +++ b/doc/user/project/deploy_tokens/index.md @@ -14,7 +14,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w Deploy tokens allow you to download (`git clone`) or push and pull packages and container registry images of a project without having a user and a password. -Deploy tokens can be managed by [maintainers only](../../permissions.md). +Deploy tokens can be managed only by users with the Maintainer role. Deploy tokens cannot be used with the GitLab API. diff --git a/doc/user/project/file_lock.md b/doc/user/project/file_lock.md index 1d06b605aa9..9911c90863d 100644 --- a/doc/user/project/file_lock.md +++ b/doc/user/project/file_lock.md @@ -33,7 +33,7 @@ GitLab supports two different modes of file locking: ## Permissions Locks can be created by any person who has at least -[Developer role](../permissions.md) in the repository. +Developer role in the repository. Only the user who locked the file or directory can edit locked files. Other users are prevented from modifying locked files by pushing, merging, @@ -77,7 +77,7 @@ Check this document to learn more about [using Git LFS](../../topics/git/lfs/ind ### Configure Exclusive File Locks -You need the [Maintainer role](../permissions.md) to configure +You need the Maintainer role Exclusive File Locks for your project through the command line. The first thing to do before using File Locking is to tell Git LFS which @@ -226,4 +226,4 @@ To view and remove file locks: This list shows all the files locked either through LFS or GitLab UI. Locks can be removed by their author, or any user -with at least the [Maintainer role](../permissions.md). +with at least the Maintainer role. diff --git a/doc/user/project/import/jira.md b/doc/user/project/import/jira.md index c6992422733..5f7475eac36 100644 --- a/doc/user/project/import/jira.md +++ b/doc/user/project/import/jira.md @@ -40,9 +40,8 @@ iterations of the GitLab Jira importer. ### Permissions -In order to be able to import issues from a Jira project you need to have read access on Jira -issues and a [Maintainer or higher](../../permissions.md#project-members-permissions) role in the -GitLab project that you wish to import into. +To be able to import issues from a Jira project you must have read access on Jira +issues and at least the Maintainer role in the GitLab project that you wish to import into. ### Jira integration diff --git a/doc/user/project/integrations/index.md b/doc/user/project/integrations/index.md index ac6e18e8e6a..9764c4d44a0 100644 --- a/doc/user/project/integrations/index.md +++ b/doc/user/project/integrations/index.md @@ -8,7 +8,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w You can find the available integrations under your project's **Settings > Integrations** page. You need to have at least -the [Maintainer role](../../permissions.md) on the project. +the Maintainer role on the project. ## Integrations diff --git a/doc/user/project/integrations/mattermost_slash_commands.md b/doc/user/project/integrations/mattermost_slash_commands.md index 1ff558b569b..b47c9f65c45 100644 --- a/doc/user/project/integrations/mattermost_slash_commands.md +++ b/doc/user/project/integrations/mattermost_slash_commands.md @@ -67,7 +67,7 @@ After you enable custom slash commands in Mattermost, you need configuration information from GitLab. To get this information: 1. In a different browser tab than your current Mattermost session, sign in to - GitLab as a user with [Administrator role](../../permissions.md). + GitLab as a user with the administrator access level. 1. On the top bar, select **Menu > Admin**. 1. In the left menu, select **Settings > Integrations**, then select **Mattermost slash commands**. diff --git a/doc/user/project/issue_board.md b/doc/user/project/issue_board.md index bbd2a608d2c..23905133d9e 100644 --- a/doc/user/project/issue_board.md +++ b/doc/user/project/issue_board.md @@ -194,7 +194,7 @@ card includes: ## Permissions -Users with the [Reporter and higher roles](../permissions.md) can use all the functionality of the +Users with at least the Reporter role can use all the functionality of the issue board feature to create or delete lists. They can also drag issues from one list to another. ## Ordering issues in a list @@ -569,7 +569,7 @@ You can move issues and lists by dragging them. Prerequisites: -- You must have at least the Reporter [role](../permissions.md#project-members-permissions) for a project in GitLab. +- You must have at least the Reporter role for a project in GitLab. To move an issue, select the issue card and drag it to another position in its current list or into a different list. Learn about possible effects in [Dragging issues between lists](#dragging-issues-between-lists). diff --git a/doc/user/project/issues/associate_zoom_meeting.md b/doc/user/project/issues/associate_zoom_meeting.md index aba8c45699c..41de91d9bd7 100644 --- a/doc/user/project/issues/associate_zoom_meeting.md +++ b/doc/user/project/issues/associate_zoom_meeting.md @@ -25,7 +25,7 @@ In an issue, leave a comment using the `/zoom` quick action followed by a valid /zoom https://zoom.us/j/123456789 ``` -If the Zoom meeting URL is valid and you have at least the Reporter [role](../../permissions.md), +If the Zoom meeting URL is valid and you have at least the Reporter role, a system alert notifies you of its successful addition. The issue's description is automatically edited to include the Zoom link, and a button appears right under the issue's title. @@ -44,5 +44,5 @@ Similarly to adding a Zoom meeting, you can remove it with a quick action: /remove_zoom ``` -If you have at least the Reporter [role](../../permissions.md), +If you have at least the Reporter role, a system alert notifies you that the meeting URL was successfully removed. diff --git a/doc/user/project/issues/confidential_issues.md b/doc/user/project/issues/confidential_issues.md index e8c58f2feb9..d771d8f0cc1 100644 --- a/doc/user/project/issues/confidential_issues.md +++ b/doc/user/project/issues/confidential_issues.md @@ -42,7 +42,7 @@ system note in the issue's comments.  -When an issue is made confidential, only users with at least the [Reporter role](../../permissions.md) +When an issue is made confidential, only users with at least the Reporter role for the project have access to the issue. Users with Guest or [Minimal](../../permissions.md#users-with-minimal-access) roles can't access the issue even if they were actively participating before the change. @@ -82,11 +82,11 @@ that prevent leaks of private data. There are two kinds of level access for confidential issues. The general rule is that confidential issues are visible only to members of a project with at -least the Reporter [role](../../permissions.md#project-members-permissions). However, a guest user can also create +least the Reporter role. However, a guest user can also create confidential issues, but can only view the ones that they created themselves. Confidential issues are also hidden in search results for unprivileged users. -For example, here's what a user with the [Maintainer role](../../permissions.md) and the Guest role +For example, here's what a user with the Maintainer role and the Guest role sees in the project's search results respectively. | Maintainer role | Guest role | diff --git a/doc/user/project/issues/csv_import.md b/doc/user/project/issues/csv_import.md index 69dc0cbafd8..e4b8efd27ed 100644 --- a/doc/user/project/issues/csv_import.md +++ b/doc/user/project/issues/csv_import.md @@ -14,9 +14,7 @@ retain columns such as labels and milestones, consider the [Move Issue feature]( The user uploading the CSV file is set as the author of the imported issues. -NOTE: -A permission level of [Developer](../../permissions.md), or higher, is required -to import issues. +You must have at least the Developer role for a project to import issues. ## Prepare for the import diff --git a/doc/user/project/issues/due_dates.md b/doc/user/project/issues/due_dates.md index 2c20ccdcee0..2630052d806 100644 --- a/doc/user/project/issues/due_dates.md +++ b/doc/user/project/issues/due_dates.md @@ -7,7 +7,7 @@ info: To determine the technical writer assigned to the Stage/Group associated w # Due dates **(FREE)** Due dates can be used in [issues](index.md) to keep track of deadlines and make sure features are -shipped on time. Users need at least the Reporter [role](../../permissions.md) +shipped on time. Users need at least the Reporter role to be able to edit the due date. All users with permission to view the issue can view the due date. diff --git a/doc/user/project/issues/managing_issues.md b/doc/user/project/issues/managing_issues.md index c800511dedb..83f6cae4f13 100644 --- a/doc/user/project/issues/managing_issues.md +++ b/doc/user/project/issues/managing_issues.md @@ -29,7 +29,7 @@ You can create an issue in many ways in GitLab: Prerequisites: -- You must have at least the [Guest role](../../permissions.md) for the project. +- You must have at least the Guest role for the project. To create an issue: @@ -52,7 +52,7 @@ to the projects in the group. Prerequisites: -- You must have at least the [Guest role](../../permissions.md) for the project in the group. +- You must have at least the Guest role for the project in the group. To create an issue from a group: @@ -78,7 +78,7 @@ You can create a new issue from an existing one. The two issues can then be mark Prerequisites: -- You must have at least the [Guest role](../../permissions.md) for the project. +- You must have at least the Guest role for the project. To create an issue from another issue: @@ -98,7 +98,7 @@ You can create a new issue from an [issue board](../issue_board.md). Prerequisites: -- You must have at least the [Guest role](../../permissions.md) for the project. +- You must have at least the Guest role for the project. To create an issue from a project issue board: @@ -133,7 +133,7 @@ Prerequisites: - Your GitLab instance must have [incoming email](../../../administration/incoming_email.md) configured. - There must be at least one issue in the issue list. -- You must have at least the [Guest role](../../permissions.md) for the project. +- You must have at least the Guest role for the project. To email an issue to a project: @@ -224,7 +224,7 @@ You can edit an issue's title and description. Prerequisites: -- You must have at least the [Reporter role](../../permissions.md) for the project, be the author of the issue, or be assigned to the issue. +- You must have at least the Reporter role for the project, be the author of the issue, or be assigned to the issue. To edit an issue: @@ -242,7 +242,7 @@ You can edit multiple issues at a time when you're in a project. Prerequisites: -- You must have at least the [Reporter role](../../permissions.md) for the project. +- You must have at least the Reporter role for the project. To edit multiple issues at the same time: @@ -275,7 +275,7 @@ You can edit multiple issues across multiple projects when you're in a group. Prerequisites: -- You must have at least the [Reporter role](../../permissions.md) for a group. +- You must have at least the Reporter role for a group. To edit multiple issues at the same time: @@ -304,7 +304,7 @@ Be careful when moving an issue to a project with different access rules. Before Prerequisites: -- You must have at least the [Reporter role](../../permissions.md) for the project. +- You must have at least the Reporter role for the project. To move an issue: @@ -319,7 +319,7 @@ You can move all open issues from one project to another. Prerequisites: -- You must have at least the [Reporter role](../../permissions.md) for the project. +- You must have at least the Reporter role for the project. To do it: @@ -353,7 +353,7 @@ The issue is marked as closed but is not deleted. Prerequisites: -- You must have at least the [Reporter role](../../permissions.md) for the project, be the author of the issue, or be assigned to the issue. +- You must have at least the Reporter role for the project, be the author of the issue, or be assigned to the issue. To close an issue, you can do the following: @@ -366,7 +366,7 @@ To close an issue, you can do the following: Prerequisites: -- You must have at least the [Reporter role](../../permissions.md) for the project, be the author of the issue, or be assigned to the issue. +- You must have at least the Reporter role for the project, be the author of the issue, or be assigned to the issue. To reopen a closed issue, at the top of the issue, select **Reopen issue**. A reopened issue is no different from any other open issue. @@ -442,7 +442,7 @@ in the [project's settings](../settings/index.md). Prerequisites: -- You must have at least the [Maintainer role](../../permissions.md) for the project. +- You must have at least the Maintainer role for the project. To disable automatic issue closing: @@ -478,7 +478,7 @@ of your installation. Prerequisites: -- You must be the issue author or have at least the [Reporter role](../../permissions.md) for the project, be the author of the issue, or be assigned to the issue. +- You must be the issue author or have at least the Reporter role for the project, be the author of the issue, or be assigned to the issue. To change issue type: @@ -496,7 +496,7 @@ To change issue type: Prerequisites: -- You must have the [Owner role](../../permissions.md) for a project. +- You must have the Owner role for a project. To delete an issue: @@ -624,7 +624,7 @@ This status marks issues as progressing as planned or needing attention to keep Prerequisites: -- You must have at least the [Reporter role](../../permissions.md) for the project. +- You must have at least the Reporter role for the project. To edit health status of an issue: diff --git a/doc/user/project/issues/related_issues.md b/doc/user/project/issues/related_issues.md index ad39ec03cd2..f2ec58a4a69 100644 --- a/doc/user/project/issues/related_issues.md +++ b/doc/user/project/issues/related_issues.md @@ -25,7 +25,7 @@ To manage linked issues through our API, visit the [issue links API documentatio Prerequisites: -- You must have at least the Reporter [role](../../permissions.md) for both projects. +- You must have at least the Reporter role for both projects. To link one issue to another: diff --git a/doc/user/project/members/index.md b/doc/user/project/members/index.md index e4881917558..3132bd9a961 100644 --- a/doc/user/project/members/index.md +++ b/doc/user/project/members/index.md @@ -17,7 +17,7 @@ to perform actions. Prerequisite: -- You must have the [Maintainer or Owner role](../../permissions.md). +- You must have the Maintainer or Owner role. To add a user to a project: @@ -48,7 +48,7 @@ Each user's access is based on: Prerequisite: -- You must have the [Maintainer or Owner role](../../permissions.md). +- You must have the Maintainer or Owner role. To add groups to a project: @@ -72,7 +72,7 @@ retain the same permissions as the project you import them from. Prerequisite: -- You must have the [Maintainer or Owner role](../../permissions.md). +- You must have the Maintainer or Owner role. To import users: @@ -111,7 +111,7 @@ group itself. Prerequisites: -- You must have the [Owner role](../../permissions.md). +- You must have the Owner role. - Optional. Unassign the member from all issues and merge requests that are assigned to them. diff --git a/doc/user/project/merge_requests/allow_collaboration.md b/doc/user/project/merge_requests/allow_collaboration.md index b10d6597c1e..5826ebcab49 100644 --- a/doc/user/project/merge_requests/allow_collaboration.md +++ b/doc/user/project/merge_requests/allow_collaboration.md @@ -50,7 +50,7 @@ You can push directly to the branch of the forked repository if: - The author of the merge request has enabled contributions from upstream members. -- You have at least the [Developer role](../../permissions.md) in the +- You have at least the Developer role in the upstream project. In the following example: diff --git a/doc/user/project/merge_requests/approvals/rules.md b/doc/user/project/merge_requests/approvals/rules.md index 9bed24b3571..0379345ef4f 100644 --- a/doc/user/project/merge_requests/approvals/rules.md +++ b/doc/user/project/merge_requests/approvals/rules.md @@ -165,7 +165,7 @@ for protected branches. > - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/40491) in GitLab 13.4. > - Moved to GitLab Premium in 13.9. -You may have to grant users with the Reporter [role](../../../permissions.md#project-members-permissions) +You may have to grant users with the Reporter role permission to approve merge requests before they can merge to a protected branch. Some users (like managers) may not need permission to push or merge code, but still need oversight on proposed work. To enable approval permissions for these users without diff --git a/doc/user/project/merge_requests/authorization_for_merge_requests.md b/doc/user/project/merge_requests/authorization_for_merge_requests.md index 4ae59a76a9a..37ecc1b8d06 100644 --- a/doc/user/project/merge_requests/authorization_for_merge_requests.md +++ b/doc/user/project/merge_requests/authorization_for_merge_requests.md @@ -16,7 +16,7 @@ There are two main ways to have a merge request flow with GitLab: With the protected branch flow everybody works within the same GitLab project. -The project maintainers get the [Maintainer role](../../permissions.md) and the regular developers +The project maintainers get the Maintainer role and the regular developers get the Developer role. Maintainers mark the authoritative branches as 'Protected'. @@ -25,7 +25,7 @@ Developers push feature branches to the project and create merge requests to have their feature branches reviewed and merged into one of the protected branches. -By default, only users with the [Maintainer role](../../permissions.md) can merge changes into a +By default, only users with the Maintainer role can merge changes into a protected branch. **Advantages** @@ -39,7 +39,7 @@ protected branch. ## Forking workflow -With the forking workflow, maintainers get the [Maintainer role](../../permissions.md) and regular +With the forking workflow, maintainers get the Maintainer role and regular developers get the Reporter role on the authoritative repository, which prohibits them from pushing any changes to it. diff --git a/doc/user/project/merge_requests/drafts.md b/doc/user/project/merge_requests/drafts.md index b076b226475..b098fc52eb4 100644 --- a/doc/user/project/merge_requests/drafts.md +++ b/doc/user/project/merge_requests/drafts.md @@ -44,7 +44,7 @@ as a draft. This feature is scheduled for removal in GitLab 14.0. Use `Draft:` i When a merge request is ready to be merged, you can remove the `Draft` flag in several ways: - **Viewing a merge request**: In the top right corner of the merge request, click **Mark as ready**. - Users with [Developer or greater permissions](../../permissions.md) + Users with at least the Developer role can also scroll to the bottom of the merge request description and click **Mark as ready**:  diff --git a/doc/user/project/merge_requests/getting_started.md b/doc/user/project/merge_requests/getting_started.md index 1f93e4f7712..8699a42dd5d 100644 --- a/doc/user/project/merge_requests/getting_started.md +++ b/doc/user/project/merge_requests/getting_started.md @@ -162,7 +162,7 @@ enabled by default for all new merge requests, enable it in the This option is also visible in an existing merge request next to the merge request button and can be selected or deselected before merging. -It is only visible to users with the [Maintainer role](../../permissions.md) +It is only visible to users with the Maintainer role in the source project. If the user viewing the merge request does not have the correct diff --git a/doc/user/project/merge_requests/index.md b/doc/user/project/merge_requests/index.md index 8222d696853..186e14dcbcf 100644 --- a/doc/user/project/merge_requests/index.md +++ b/doc/user/project/merge_requests/index.md @@ -94,7 +94,7 @@ You cannot undo the deletion of a merge request. To delete a merge request: -1. Sign in to GitLab as a user with the project Owner [role](../../permissions.md). +1. Sign in to GitLab as a user with the project Owner role. Only users with this role can delete merge requests in a project. 1. Go to the merge request you want to delete, and select **Edit**. 1. Scroll to the bottom of the page, and select **Delete merge request**. diff --git a/doc/user/project/merge_requests/reviews/index.md b/doc/user/project/merge_requests/reviews/index.md index 04d0298f061..280ae07b401 100644 --- a/doc/user/project/merge_requests/reviews/index.md +++ b/doc/user/project/merge_requests/reviews/index.md @@ -160,7 +160,7 @@ Multiline comments display the comment's line numbers above the body of the comm ## Bulk edit merge requests at the project level -Users with permission level of [Developer or higher](../../../permissions.md) can manage merge requests. +Users with at least the Developer role can manage merge requests. When bulk-editing merge requests in a project, you can edit the following attributes: @@ -183,7 +183,7 @@ To update multiple project merge requests at the same time: > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/12719) in GitLab 12.2. -Users with permission level of [Developer or higher](../../../permissions.md) can manage merge requests. +Users with at least the Developer role can manage merge requests. When bulk editing merge requests in a group, you can edit the following attributes: diff --git a/doc/user/project/merge_requests/reviews/suggestions.md b/doc/user/project/merge_requests/reviews/suggestions.md index 1b2a35ba139..ce66d42a080 100644 --- a/doc/user/project/merge_requests/reviews/suggestions.md +++ b/doc/user/project/merge_requests/reviews/suggestions.md @@ -42,7 +42,7 @@ After the author applies a suggestion: 1. The suggestion is marked as **Applied**. 1. The thread is resolved. 1. GitLab creates a new commit with the changes. -1. If the user has the [Developer role](../../../permissions.md), GitLab pushes +1. If the user has the Developer role, GitLab pushes the suggested change directly into the codebase in the merge request's branch. ## Multi-line suggestions diff --git a/doc/user/project/milestones/index.md b/doc/user/project/milestones/index.md index 4e6b516d64c..f9742e8d3c6 100644 --- a/doc/user/project/milestones/index.md +++ b/doc/user/project/milestones/index.md @@ -53,8 +53,7 @@ If you're in a project and select **Issues > Milestones**, GitLab displays only ## Creating milestones -NOTE: -A permission level of [Developer or higher](../../permissions.md) is required to create milestones. +Users with at least the Developer role can create milestones. Milestones can be created either at project or group level. @@ -70,8 +69,7 @@ To create a milestone: ## Editing milestones -NOTE: -A permission level of [Developer or higher](../../permissions.md) is required to edit milestones. +Users with at least the Developer role can edit milestones. To edit a milestone: diff --git a/doc/user/project/protected_branches.md b/doc/user/project/protected_branches.md index 6f23495b513..6ff9e66eb8d 100644 --- a/doc/user/project/protected_branches.md +++ b/doc/user/project/protected_branches.md @@ -35,7 +35,7 @@ Administrators can set a default branch protection level in the Prerequisite: -- You must have at least the [Maintainer role](../permissions.md). +- You must have at least the Maintainer role. To protect a branch: @@ -52,7 +52,7 @@ The protected branch displays in the list of protected branches. Prerequisite: -- You must have at least the [Maintainer role](../permissions.md). +- You must have at least the Maintainer role. To protect multiple branches at the same time: @@ -75,7 +75,7 @@ The protected branch displays in the list of protected branches. ## Create a protected branch -Users with the Developer or higher [role](../permissions.md) can create a protected branch. +Users with at least the Developer role can create a protected branch. Prerequisites: @@ -217,7 +217,7 @@ for details about the pipelines security model. ## Delete a protected branch -Users with the [Maintainer role](../permissions.md) and greater can manually delete protected +Users with at least the Maintainer can manually delete protected branches by using the GitLab web interface: 1. Go to **Repository > Branches**. diff --git a/doc/user/project/protected_tags.md b/doc/user/project/protected_tags.md index f054b7e8e2a..7d071a45d63 100644 --- a/doc/user/project/protected_tags.md +++ b/doc/user/project/protected_tags.md @@ -22,12 +22,12 @@ This feature evolved out of [protected branches](protected_branches.md) By default: -- To create tags, you must have the [Maintainer role](../permissions.md). +- To create tags, you must have the Maintainer role. - No one can update or delete tags. ## Configuring protected tags -To protect a tag, you need to have at least the [Maintainer role](../permissions.md). +To protect a tag, you need to have at least the Maintainer role. 1. Go to the project's **Settings > Repository**. diff --git a/doc/user/project/releases/index.md b/doc/user/project/releases/index.md index 747b41d07f2..d4d2446807c 100644 --- a/doc/user/project/releases/index.md +++ b/doc/user/project/releases/index.md @@ -393,7 +393,7 @@ deploy_to_production: To set a deploy freeze window in the UI, complete these steps: -1. Sign in to GitLab as a user with the [Maintainer role](../../permissions.md). +1. Sign in to GitLab as a user with the Maintainer role. 1. On the left sidebar, select **Project information**. 1. In the left navigation menu, navigate to **Settings > CI/CD**. 1. Scroll to **Deploy freezes**. @@ -767,22 +767,22 @@ In the API: > [Changes were made to the Guest role access](https://gitlab.com/gitlab-org/gitlab/-/issues/335209) in GitLab 14.5. -- Users with the [Reporter role or above](../../../user/permissions.md#project-members-permissions) +- Users with at least the Reporter role have read and download access to the project releases. -- Users with the [Guest role](../../../user/permissions.md#project-members-permissions) +- Users with the Guest role have read and download access to the project releases. This includes associated Git-tag-names, release description, author information of the releases. However, other repository-related information, such as [source code](#source-code), [release evidence](#release-evidence) are redacted. ### Create, update, and delete a release and its assets -- Users with [Developer role or above](../../../user/permissions.md#project-members-permissions) +- Users with at least the Developer role have write access to the project releases and assets. - If a release is associated with a [protected tag](../protected_tags.md), the user must be [allowed to create the protected tag](../protected_tags.md#configuring-protected-tags) too. As an example of release permission control, you can allow only -[Maintainer role or above](../../../user/permissions.md#project-members-permissions) +users with at least the Maintainer role to create, update, and delete releases by protecting the tag with a wildcard (`*`), and set **Maintainer** in the **Allowed to create** column. diff --git a/doc/user/project/repository/branches/default.md b/doc/user/project/repository/branches/default.md index 65b7c4a9881..0fafe27bfe2 100644 --- a/doc/user/project/repository/branches/default.md +++ b/doc/user/project/repository/branches/default.md @@ -38,7 +38,7 @@ the [Git commands you need](#update-the-default-branch-name-in-your-repository) To update the default branch name for an individual [project](../../index.md): -1. Sign in to GitLab with at least the [Maintainer](../../../permissions.md) role. +1. Sign in to GitLab with at least the Maintainer role. 1. In the left navigation menu, go to **Settings > Repository**. 1. Expand **Default branch**, and select a new default branch. 1. Optional. Select the **Auto-close referenced issues on default branch** checkbox to close @@ -129,7 +129,7 @@ renames a Git repository's (`example`) default branch. git symbolic-ref refs/remotes/origin/HEAD refs/remotes/origin/main ``` -1. Sign in to GitLab with at least the [Maintainer](../../../permissions.md) +1. Sign in to GitLab with at least the Maintainer role and follow the instructions to [change the default branch for this project](#change-the-default-branch-name-for-a-project). Select `main` as your new default branch. diff --git a/doc/user/project/repository/forking_workflow.md b/doc/user/project/repository/forking_workflow.md index 1ab21286a8e..cc1d2d26e3d 100644 --- a/doc/user/project/repository/forking_workflow.md +++ b/doc/user/project/repository/forking_workflow.md @@ -27,16 +27,15 @@ To fork an existing project in GitLab: 1. Select the project to fork to: - Recommended method. Below **Select a namespace to fork the project**, identify - the project you want to fork to, and click **Select**. Only namespaces you have - Developer and higher [permissions](../../permissions.md) for are shown. + the project you want to fork to, and click **Select**. Only namespaces where you have + at least the Developer role for are shown.  - Experimental method. If your GitLab administrator has [enabled the experimental fork project form](#enable-or-disable-the-fork-project-form), read [Create a fork with the fork project form](#create-a-fork-with-the-fork-project-form). - Only namespaces you have at least the Developer - [role](../../permissions.md) for are shown. + Only namespaces where you have at least the Developer role for are shown. NOTE: The project path must be unique in the namespace. diff --git a/doc/user/project/repository/mirror/index.md b/doc/user/project/repository/mirror/index.md index c8950d39f28..cddbc6fd891 100644 --- a/doc/user/project/repository/mirror/index.md +++ b/doc/user/project/repository/mirror/index.md @@ -37,7 +37,7 @@ Mirror a repository when: Prerequisite: -- You must have at least the [Maintainer role](../../../permissions.md) for the project. +- You must have at least the Maintainer role for the project. - If your mirror connects with `ssh://`, the host key must be detectable on the server, or you must have a local copy of the key. @@ -45,8 +45,8 @@ Prerequisite: 1. On the left sidebar, select **Settings > Repository**. 1. Expand **Mirroring repositories**. 1. Enter a **Git repository URL**. For security reasons, the URL to the original - repository is only displayed to users with the [Maintainer role](../../../permissions.md) - or the [Owner role](../../../permissions.md) for the mirrored project. + repository is only displayed to users with the Maintainer role + or the Owner role for the mirrored project. 1. Select a **Mirror direction**. 1. If you entered a `ssh://` URL, select either: - **Detect host keys**: GitLab fetches the host keys from the server and displays the fingerprints. @@ -87,7 +87,7 @@ While mirrors are scheduled to update automatically, you can force an immediate Prerequisite: -- You must have at least the [Maintainer role](../../../permissions.md) for the project. +- You must have at least the Maintainer role for the project. 1. On the top bar, select **Menu > Projects** and find your project. 1. On the left sidebar, select **Settings > Repository**. diff --git a/doc/user/project/requirements/index.md b/doc/user/project/requirements/index.md index 5fe0e0ef3a2..d549a22910a 100644 --- a/doc/user/project/requirements/index.md +++ b/doc/user/project/requirements/index.md @@ -40,7 +40,7 @@ can create a new requirement. Prerequisite: -- You must have at least the Reporter [role](../../permissions.md). +- You must have at least the Reporter role. To create a requirement: @@ -70,7 +70,7 @@ You can edit a requirement from the requirements list page. Prerequisite: -- You must have at least the Reporter [role](../../permissions.md). +- You must have at least the Reporter role. To edit a requirement: @@ -86,7 +86,7 @@ you're in the **Open** tab. Prerequisite: -- You must have at least the Reporter [role](../../permissions.md). +- You must have at least the Reporter role. To archive a requirement, select **Archive** (**{archive}**). @@ -98,7 +98,7 @@ You can view the list of archived requirements in the **Archived** tab. Prerequisite: -- You must have at least the Reporter [role](../../permissions.md). +- You must have at least the Reporter role.  @@ -217,7 +217,7 @@ requirements_confirmation: > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/246857) in GitLab 13.7. -You must have at least the Reporter [role](../../permissions.md). +You must have at least the Reporter role. You can import requirements to a project by uploading a [CSV file](https://en.wikipedia.org/wiki/Comma-separated_values) with the columns `title` and `description`. @@ -291,7 +291,7 @@ audit and regulatory compliance tasks. Prerequisite: -- You must have at least the Reporter [role](../../permissions.md). +- You must have at least the Reporter role. To export requirements: diff --git a/doc/user/project/service_desk.md b/doc/user/project/service_desk.md index 1b30f14ac90..df4b2764adf 100644 --- a/doc/user/project/service_desk.md +++ b/doc/user/project/service_desk.md @@ -87,7 +87,7 @@ To improve your project's security, we recommend the following: Unblocked email spam can result in many spam issues being created. The unique internal email address is visible to project members at least -the Reporter [role](../permissions.md) in your GitLab instance. +the Reporter role in your GitLab instance. An external user (issue creator) cannot see the internal email address displayed in the information note. diff --git a/doc/user/project/settings/import_export.md b/doc/user/project/settings/import_export.md index 06bdf4ca14b..3b9bdda50a3 100644 --- a/doc/user/project/settings/import_export.md +++ b/doc/user/project/settings/import_export.md @@ -122,8 +122,7 @@ As described in the API documentation, the query may return an import error or e The following items are imported but changed slightly: -- Project members with the [Owner role](../../permissions.md) - are imported as Maintainers. +- Project members with the Owner role are imported as Maintainers. - If an imported project contains merge requests originating from forks, then new branches associated with such merge requests are created in a project during the import/export. Thus, the number of branches in the exported project might be bigger than in the original project. diff --git a/doc/user/project/settings/index.md b/doc/user/project/settings/index.md index 34cc49c1e22..dda788f3d13 100644 --- a/doc/user/project/settings/index.md +++ b/doc/user/project/settings/index.md @@ -16,7 +16,7 @@ In GitLab versions [13.10 and later](https://gitlab.com/groups/gitlab-org/-/epic GitLab displays a search box to help you find the settings you want to view. NOTE: -Only users who have the [Maintainer role](../../permissions.md) for the project and administrators can +Only users who have the Maintainer role for the project and administrators can access project settings. ## General settings @@ -408,8 +408,8 @@ You can transfer an existing project into a [group](../../group/index.md). Prerequisites: -- You must have at least **Maintainer** [role](../../permissions.md#project-members-permissions) in that group. -- You must be **Owner** of that project. +- You must have at least the Maintainer role in that group. +- You must be the Owner of that project. - The group to which the project is being transferred to must allow creation of new projects. - The project must not contain any [container images](../../packages/container_registry/index.md#limitations). - If you transfer a project to a different root namespace, diff --git a/doc/user/project/time_tracking.md b/doc/user/project/time_tracking.md index 7a6df9972ec..3ea07e1a014 100644 --- a/doc/user/project/time_tracking.md +++ b/doc/user/project/time_tracking.md @@ -122,7 +122,7 @@ You can view a breakdown of time spent on an issue or merge request. Prerequisites: -- You must have at least the [Reporter role](../permissions.md#project-members-permissions) for a project. +- You must have at least the Reporter role for a project. To view a time tracking report: diff --git a/doc/user/project/wiki/group.md b/doc/user/project/wiki/group.md index 731fed2595a..2c499af123c 100644 --- a/doc/user/project/wiki/group.md +++ b/doc/user/project/wiki/group.md @@ -22,7 +22,7 @@ Group wikis are similar to [project wikis](index.md), with a few limitations: For updates, follow [the epic that tracks feature parity with project wikis](https://gitlab.com/groups/gitlab-org/-/epics/2782). -Similar to project wikis, group members with the [Developer role](../../permissions.md#group-members-permissions) +Similar to project wikis, group members with at least the Developer role and higher can edit group wikis. Group wiki repositories can be moved using the [Group repository storage moves API](../../../api/group_repository_storage_moves.md). @@ -40,7 +40,7 @@ To access a group wiki: > Introduced in [GitLab 13.9](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/53247). -Users with the [Owner role](../../permissions.md) in a group can +Users with the Owner role in a group can [import and export group wikis](../../group/settings/import_export.md) when importing or exporting a group. diff --git a/doc/user/project/wiki/index.md b/doc/user/project/wiki/index.md index 95ea1b4d0bc..5e984c0b2dc 100644 --- a/doc/user/project/wiki/index.md +++ b/doc/user/project/wiki/index.md @@ -74,7 +74,7 @@ to be used as your wiki's home page. To create it: ## Create a new wiki page -Users with the [Developer role](../../permissions.md) can create new wiki pages: +Users with at least the Developer role can create new wiki pages: 1. On the top bar, select **Menu**. - For project wikis, select **Projects** and find your project. @@ -137,7 +137,7 @@ may not be able to check out the wiki locally afterward. ## Edit a wiki page -You need at least the [Developer role](../../permissions.md) to edit a wiki page: +You need at least the Developer role to edit a wiki page: 1. On the top bar, select **Menu**. - For project wikis, select **Projects** and find your project. @@ -156,7 +156,7 @@ For an example, read [Table of contents](../../markdown.md#table-of-contents). ## Delete a wiki page -You need at least the [Developer role](../../permissions.md) to delete a wiki page: +You need at least the Developer role to delete a wiki page: 1. On the top bar, select **Menu**. - For project wikis, select **Projects** and find your project. @@ -169,7 +169,7 @@ You need at least the [Developer role](../../permissions.md) to delete a wiki pa ## Move a wiki page -You need at least the [Developer role](../../permissions.md) to move a wiki page: +You need at least the Developer role to move a wiki page: 1. On the top bar, select **Menu**. - For project wikis, select **Projects** and find your project. @@ -239,7 +239,7 @@ Commits to wikis are not counted in [repository analytics](../../analytics/repos > [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/23109) in GitLab 13.8, the sidebar can be customized by selecting the **Edit sidebar** button. -You need at least the [Developer role](../../permissions.md) to customize the wiki +You need at least the Developer role to customize the wiki navigation sidebar. This process creates a wiki page named `_sidebar` which fully replaces the default sidebar navigation: |