Restrict public users for private instances
Implements #3508 (closed)
Merge request reports
Activity
@DouweM Can you take a look please? I changed a little bit.
@rspeicher Can you please review this one? Still going to add specs.
- Last reply by Felipe Artur
- Last reply by Robert Speicher
- Last reply by Robert Speicher
- Last reply by Robert Speicher
- Last reply by Robert Speicher
- Last reply by Robert Speicher
@rspeicher Made the changes and added specs.
- Last reply by Robert Speicher
- Last reply by Robert Speicher
- Last reply by Robert Speicher
- Last reply by Felipe Artur
- Last reply by Robert Speicher
- Last reply by Robert Speicher
- Last reply by Robert Speicher
- Last reply by Robert Speicher
Added 276 commits:
- 4ef3b0d8...c3875b5f - 272 commits from branch
master - 64e339fc - Restrict user profiles based on restricted visibility levels
- 218f20eb - Move verification to abilities
- 742b8ceb - Add specs and fix code
- 96902099 - Fix code
Toggle commit list- 4ef3b0d8...c3875b5f - 272 commits from branch
@rspeicher Can you please review again?
This change should be for companies with ONLY private projects. So i think this should be it.
- Last reply by Robert Speicher
Reassigned to @DouweM
- Last reply by Felipe Artur
- Last reply by Douwe Maan
- Last reply by Douwe Maan
- Last reply by Felipe Artur
- Last reply by Douwe Maan
- Last reply by Douwe Maan
- Last reply by Felipe Artur
Reassigned to @felipe_artur
@felipe_artur Are there other places where we expose users to unauthenticated users? I'm thinking of autocompletion, API, that sort of thing.
@felipe_artur We should also document this in the permissions document, and add a description to the "Restricted visibility levels" option in the admin area to say that if public is restricted, so are user profiles.
@DouweM If we have to worry with the scenario where there are public groups with private projects then YES there are other places. Do we?
I will check API.
Added 229 commits:
- 02c5213b...77e178b5 - 223 commits from branch
master - 8688007e - Restrict user profiles based on restricted visibility levels
- 6ac6416f - Move verification to abilities
- 6a845eac - Add specs and fix code
- 53815231 - Fix code
- c9d75812 - Fix specs
- 6b9cb0ef - Code fixes
Toggle commit list- 02c5213b...77e178b5 - 223 commits from branch
- Last reply by Douwe Maan
Reassigned to @DouweM
Reassigned to @felipe_artur
Reassigned to @DouweM
470 480 471 481 private 472 482 483 def restricted_public_level? 484 current_application_settings.restricted_visibility_levels.include?(Gitlab::VisibilityLevel::PUBLIC) - Last reply by Douwe Maan
- Last reply by Douwe Maan
- Last reply by Felipe Artur
- Last reply by Douwe Maan
Reassigned to @felipe_artur
Reassigned to @DouweM
Added 464 commits:
- 39d853f5...c0678f2d - 463 commits from branch
master - 5395e617 - Merge branch 'master' into issue_3508
- 39d853f5...c0678f2d - 463 commits from branch
@DouweM Done
@DouweM Can we merge this one?
@felipe_artur Looks good :) Please fix the merge conflict, ping me on Slack and I'll merge.
Reassigned to @felipe_artur
Added 279 commits:
- 5395e617...5ae4fd21 - 268 commits from branch
master - b05f0a48 - Restrict user profiles based on restricted visibility levels
- 57519565 - Move verification to abilities
- 668d6ffa - Add specs and fix code
- e8a77c0a - Fix code
- 147879ae - Fix specs
- 07b38c3b - Code fixes
- ce96d482 - Insert users check into api
- 09c8cf9d - Remove group members check
- 7d54e721 - Insert instructions in admin page and permissions document
- 820c08ce - Fix documentation and improve permissions code
- 2366768d - Add changelog entry
Toggle commit list- 5395e617...5ae4fd21 - 268 commits from branch
mentioned in commit 58665b64
mentioned in issue #14142 (closed)
mentioned in merge request gitlab-com/www-gitlab-com!1886 (merged)
