Update permissions docs
This commit is contained in:
parent
20ca5e3041
commit
bf817b3bfe
|
@ -51,6 +51,9 @@ The following table depicts the various user permission levels in a project.
|
||||||
| See a container registry | | ✓ | ✓ | ✓ | ✓ |
|
| See a container registry | | ✓ | ✓ | ✓ | ✓ |
|
||||||
| See environments | | ✓ | ✓ | ✓ | ✓ |
|
| See environments | | ✓ | ✓ | ✓ | ✓ |
|
||||||
| See a list of merge requests | | ✓ | ✓ | ✓ | ✓ |
|
| See a list of merge requests | | ✓ | ✓ | ✓ | ✓ |
|
||||||
|
| Manage related issues **[STARTER]** | | ✓ | ✓ | ✓ | ✓ |
|
||||||
|
| Lock issue discussions | | ✓ | ✓ | ✓ | ✓ |
|
||||||
|
| Lock merge request discussions | | | ✓ | ✓ | ✓ |
|
||||||
| Create new environments | | | ✓ | ✓ | ✓ |
|
| Create new environments | | | ✓ | ✓ | ✓ |
|
||||||
| Stop environments | | | ✓ | ✓ | ✓ |
|
| Stop environments | | | ✓ | ✓ | ✓ |
|
||||||
| Manage/Accept merge requests | | | ✓ | ✓ | ✓ |
|
| Manage/Accept merge requests | | | ✓ | ✓ | ✓ |
|
||||||
|
@ -76,11 +79,12 @@ The following table depicts the various user permission levels in a project.
|
||||||
| Edit project | | | | ✓ | ✓ |
|
| Edit project | | | | ✓ | ✓ |
|
||||||
| Add deploy keys to project | | | | ✓ | ✓ |
|
| Add deploy keys to project | | | | ✓ | ✓ |
|
||||||
| Configure project hooks | | | | ✓ | ✓ |
|
| Configure project hooks | | | | ✓ | ✓ |
|
||||||
| Manage runners | | | | ✓ | ✓ |
|
| Manage Runners | | | | ✓ | ✓ |
|
||||||
| Manage job triggers | | | | ✓ | ✓ |
|
| Manage job triggers | | | | ✓ | ✓ |
|
||||||
| Manage variables | | | | ✓ | ✓ |
|
| Manage variables | | | | ✓ | ✓ |
|
||||||
| Manage pages | | | | ✓ | ✓ |
|
| Manage GitLab Pages | | | | ✓ | ✓ |
|
||||||
| Manage pages domains and certificates | | | | ✓ | ✓ |
|
| Manage GitLab Pages domains and certificates | | | | ✓ | ✓ |
|
||||||
|
| Remove GitLab Pages | | | | | ✓ |
|
||||||
| Manage clusters | | | | ✓ | ✓ |
|
| Manage clusters | | | | ✓ | ✓ |
|
||||||
| Edit comments (posted by any user) | | | | ✓ | ✓ |
|
| Edit comments (posted by any user) | | | | ✓ | ✓ |
|
||||||
| Switch visibility level | | | | | ✓ |
|
| Switch visibility level | | | | | ✓ |
|
||||||
|
@ -90,6 +94,7 @@ The following table depicts the various user permission levels in a project.
|
||||||
| Remove pages | | | | | ✓ |
|
| Remove pages | | | | | ✓ |
|
||||||
| Force push to protected branches [^4] | | | | | |
|
| Force push to protected branches [^4] | | | | | |
|
||||||
| Remove protected branches [^4] | | | | | |
|
| Remove protected branches [^4] | | | | | |
|
||||||
|
| View project Audit Events | | | | ✓ | ✓ |
|
||||||
|
|
||||||
## Project features permissions
|
## Project features permissions
|
||||||
|
|
||||||
|
@ -127,17 +132,12 @@ and drag issues around. Read though the
|
||||||
[documentation on Issue Boards permissions](project/issue_board.md#permissions)
|
[documentation on Issue Boards permissions](project/issue_board.md#permissions)
|
||||||
to learn more.
|
to learn more.
|
||||||
|
|
||||||
### File Locking permissions
|
### File Locking permissions **[PREMIUM]**
|
||||||
|
|
||||||
> Available in [GitLab Premium](https://about.gitlab.com/products/).
|
|
||||||
|
|
||||||
The user that locks a file or directory is the only one that can edit and push their changes back to the repository where the locked objects are located.
|
The user that locks a file or directory is the only one that can edit and push their changes back to the repository where the locked objects are located.
|
||||||
|
|
||||||
Read through the documentation on [permissions for File Locking](https://docs.gitlab.com/ee/user/project/file_lock.html#permissions-on-file-locking) to learn more.
|
Read through the documentation on [permissions for File Locking](https://docs.gitlab.com/ee/user/project/file_lock.html#permissions-on-file-locking) to learn more.
|
||||||
|
|
||||||
File Locking is available in
|
|
||||||
[GitLab Premium](https://about.gitlab.com/products/) only.
|
|
||||||
|
|
||||||
### Confidential Issues permissions
|
### Confidential Issues permissions
|
||||||
|
|
||||||
Confidential issues can be accessed by reporters and higher permission levels,
|
Confidential issues can be accessed by reporters and higher permission levels,
|
||||||
|
@ -160,6 +160,12 @@ group.
|
||||||
| Remove group | | | | | ✓ |
|
| Remove group | | | | | ✓ |
|
||||||
| Manage group labels | | ✓ | ✓ | ✓ | ✓ |
|
| Manage group labels | | ✓ | ✓ | ✓ | ✓ |
|
||||||
| Create/edit/delete group milestones | | | ✓ | ✓ | ✓ |
|
| Create/edit/delete group milestones | | | ✓ | ✓ | ✓ |
|
||||||
|
| View private group epic **[ULTIMATE]** | | ✓ | ✓ | ✓ | ✓ |
|
||||||
|
| View internal group epic **[ULTIMATE]** | ✓ | ✓ | ✓ | ✓ | ✓ |
|
||||||
|
| View public group epic **[ULTIMATE]** | ✓ | ✓ | ✓ | ✓ | ✓ |
|
||||||
|
| Create/edit group epic **[ULTIMATE]** | | ✓ | ✓ | ✓ | ✓ |
|
||||||
|
| Delete group epic **[ULTIMATE]** | | | | | ✓ |
|
||||||
|
| View group Audit Events | | | | | ✓ |
|
||||||
|
|
||||||
### Subgroup permissions
|
### Subgroup permissions
|
||||||
|
|
||||||
|
@ -194,6 +200,27 @@ will find the option to flag the user as external.
|
||||||
By default new users are not set as external users. This behavior can be changed
|
By default new users are not set as external users. This behavior can be changed
|
||||||
by an administrator under **Admin > Application Settings**.
|
by an administrator under **Admin > Application Settings**.
|
||||||
|
|
||||||
|
## Auditor users **[PREMIUM ONLY]**
|
||||||
|
|
||||||
|
>[Introduced][ee-998] in [GitLab Premium][eep] 8.17.
|
||||||
|
|
||||||
|
Auditor users are given read-only access to all projects, groups, and other
|
||||||
|
resources on the GitLab instance.
|
||||||
|
|
||||||
|
An Auditor user should be able to access all projects and groups of a GitLab instance
|
||||||
|
with the permissions described on the documentation on [auditor users permissions](https://docs.gitlab.com/ee/administration/auditor_users.html#permissions-and-restrictions-of-an-auditor-user).
|
||||||
|
|
||||||
|
[Read more about Auditor users.](https://docs.gitlab.com/ee/administration/auditor_users.html)
|
||||||
|
|
||||||
|
## Project features
|
||||||
|
|
||||||
|
Project features like wiki and issues can be hidden from users depending on
|
||||||
|
which visibility level you select on project settings.
|
||||||
|
|
||||||
|
- Disabled: disabled for everyone
|
||||||
|
- Only team members: only team members will see even if your project is public or internal
|
||||||
|
- Everyone with access: everyone can see depending on your project visibility level
|
||||||
|
|
||||||
## GitLab CI/CD permissions
|
## GitLab CI/CD permissions
|
||||||
|
|
||||||
GitLab CI/CD permissions rely on the role the user has in GitLab. There are four
|
GitLab CI/CD permissions rely on the role the user has in GitLab. There are four
|
||||||
|
@ -263,16 +290,6 @@ for details about the pipelines security model.
|
||||||
Since GitLab 8.15, LDAP user permissions can now be manually overridden by an admin user.
|
Since GitLab 8.15, LDAP user permissions can now be manually overridden by an admin user.
|
||||||
Read through the documentation on [LDAP users permissions](https://docs.gitlab.com/ee/articles/how_to_configure_ldap_gitlab_ee/index.html#updating-user-permissions-new-feature) to learn more.
|
Read through the documentation on [LDAP users permissions](https://docs.gitlab.com/ee/articles/how_to_configure_ldap_gitlab_ee/index.html#updating-user-permissions-new-feature) to learn more.
|
||||||
|
|
||||||
## Auditor users permissions
|
|
||||||
|
|
||||||
> Available in [GitLab Premium](https://about.gitlab.com/products/).
|
|
||||||
|
|
||||||
An Auditor user should be able to access all projects and groups of a GitLab instance
|
|
||||||
with the permissions described on the documentation on [auditor users permissions](https://docs.gitlab.com/ee/administration/auditor_users.html#permissions-and-restrictions-of-an-auditor-user).
|
|
||||||
|
|
||||||
Auditor users are available in [GitLab Premium](https://about.gitlab.com/products/)
|
|
||||||
only.
|
|
||||||
|
|
||||||
[^1]: On public and internal projects, all users are able to perform this action
|
[^1]: On public and internal projects, all users are able to perform this action
|
||||||
[^2]: Guest users can only view the confidential issues they created themselves
|
[^2]: Guest users can only view the confidential issues they created themselves
|
||||||
[^3]: If **Public pipelines** is enabled in **Project Settings > CI/CD**
|
[^3]: If **Public pipelines** is enabled in **Project Settings > CI/CD**
|
||||||
|
@ -283,3 +300,5 @@ only.
|
||||||
|
|
||||||
[ce-18994]: https://gitlab.com/gitlab-org/gitlab-ce/issues/18994
|
[ce-18994]: https://gitlab.com/gitlab-org/gitlab-ce/issues/18994
|
||||||
[new-mod]: project/new_ci_build_permissions_model.md
|
[new-mod]: project/new_ci_build_permissions_model.md
|
||||||
|
[ee-998]: https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/998
|
||||||
|
[eep]: https://about.gitlab.com/products/
|
Loading…
Reference in New Issue