Add new table to store email domain
In order to save user preferences regarding user emails allowed to be invited to group Add foreign_key and down method Change adding foreign key Add partial call to view Add changelog entry Fix schema
This commit is contained in:
parent
0baadb42e2
commit
3b32ac5678
|
@ -18,6 +18,7 @@
|
|||
%span.descr.text-muted= share_with_group_lock_help_text(@group)
|
||||
|
||||
= render_if_exists 'groups/settings/ip_restriction', f: f, group: @group
|
||||
= render_if_exists 'groups/settings/allowed_email_domain', f: f, group: @group
|
||||
= render 'groups/settings/lfs', f: f
|
||||
= render 'groups/settings/project_creation_level', f: f, group: @group
|
||||
= render 'groups/settings/subgroup_creation_level', f: f, group: @group
|
||||
|
|
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
title: Add new table to store email domain per group
|
||||
merge_request: 31071
|
||||
author:
|
||||
type: added
|
|
@ -0,0 +1,22 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
# See http://doc.gitlab.com/ce/development/migration_style_guide.html
|
||||
# for more information on how to write migrations for GitLab.
|
||||
|
||||
class CreateAllowedEmailDomainsForGroups < ActiveRecord::Migration[5.2]
|
||||
# Set this constant to true if this migration requires downtime.
|
||||
DOWNTIME = false
|
||||
|
||||
def change
|
||||
create_table :allowed_email_domains do |t|
|
||||
t.timestamps_with_timezone null: false
|
||||
t.references :group, references: :namespace,
|
||||
column: :group_id,
|
||||
type: :integer,
|
||||
null: false,
|
||||
index: true
|
||||
t.foreign_key :namespaces, column: :group_id, on_delete: :cascade
|
||||
t.string :domain, null: false, limit: 255
|
||||
end
|
||||
end
|
||||
end
|
|
@ -26,6 +26,14 @@ ActiveRecord::Schema.define(version: 2019_08_15_093949) do
|
|||
t.integer "cached_markdown_version"
|
||||
end
|
||||
|
||||
create_table "allowed_email_domains", force: :cascade do |t|
|
||||
t.datetime_with_timezone "created_at", null: false
|
||||
t.datetime_with_timezone "updated_at", null: false
|
||||
t.integer "group_id", null: false
|
||||
t.string "domain", limit: 255, null: false
|
||||
t.index ["group_id"], name: "index_allowed_email_domains_on_group_id"
|
||||
end
|
||||
|
||||
create_table "analytics_cycle_analytics_group_stages", force: :cascade do |t|
|
||||
t.datetime_with_timezone "created_at", null: false
|
||||
t.datetime_with_timezone "updated_at", null: false
|
||||
|
@ -3670,6 +3678,7 @@ ActiveRecord::Schema.define(version: 2019_08_15_093949) do
|
|||
t.index ["type"], name: "index_web_hooks_on_type"
|
||||
end
|
||||
|
||||
add_foreign_key "allowed_email_domains", "namespaces", column: "group_id", on_delete: :cascade
|
||||
add_foreign_key "analytics_cycle_analytics_group_stages", "labels", column: "end_event_label_id", on_delete: :cascade
|
||||
add_foreign_key "analytics_cycle_analytics_group_stages", "labels", column: "start_event_label_id", on_delete: :cascade
|
||||
add_foreign_key "analytics_cycle_analytics_group_stages", "namespaces", column: "group_id", on_delete: :cascade
|
||||
|
|
|
@ -350,6 +350,38 @@ Restriction currently applies to UI, API access is not restricted.
|
|||
To avoid accidental lock-out, admins and group owners are are able to access
|
||||
the group regardless of the IP restriction.
|
||||
|
||||
#### Allowed domain restriction **(PREMIUM ONLY)**
|
||||
|
||||
> [Introduced](https://gitlab.com/gitlab-org/gitlab-ee/issues/7297) in
|
||||
[GitLab Premium](https://about.gitlab.com/pricing/) 12.2.
|
||||
|
||||
You can restrict access to groups and their underlying projects by
|
||||
allowing only users with email addresses in particular domains to be added to the group.
|
||||
|
||||
Add email domains you want to whitelist and users with emails from different
|
||||
domains won't be allowed to be added to this group.
|
||||
|
||||
Some domains cannot be restricted. These are the most popular public email domains, such as:
|
||||
|
||||
- `gmail.com`
|
||||
- `yahoo.com`
|
||||
- `hotmail.com`
|
||||
- `aol.com`
|
||||
- `msn.com`
|
||||
- `hotmail.co.uk`
|
||||
- `hotmail.fr`
|
||||
- `live.com`
|
||||
- `outlook.com`
|
||||
- `icloud.com`
|
||||
|
||||
To enable this feature:
|
||||
|
||||
1. Navigate to the group's **Settings > General** page.
|
||||
1. Expand the **Permissions, LFS, 2FA** section, and enter domain name into **Restrict membership by email** field.
|
||||
1. Click **Save changes**.
|
||||
|
||||
This will enable the domain-checking for all new users added to the group from this moment on.
|
||||
|
||||
#### Group file templates **(PREMIUM)**
|
||||
|
||||
Group file templates allow you to share a set of templates for common file
|
||||
|
|
Loading…
Reference in New Issue