Skip to content
代码片段 群组 项目
未验证 提交 e44f8a33 编辑于 作者: Marcel Amirault's avatar Marcel Amirault 提交者: GitLab
浏览文件

Merge branch 'group-member-permissions' into 'master' 

Group member permissions: Move footnotes into table

See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/145171



Merged-by: default avatarMarcel Amirault <mamirault@gitlab.com>
Reviewed-by: default avatarMarcel Amirault <mamirault@gitlab.com>
Co-authored-by: default avatarJonathan Glassman <jglassman@gitlab.com>
上级 b80a3fce 578838fc
No related branches found
No related tags found
无相关合并请求
隐藏空白变更内容
行内 左右并排
显示
65 个添加80 个删除
doc/user/permissions.md
+ 65
80
浏览文件 @ e44f8a33
...@@ -301,86 +301,71 @@ The following table lists group permissions available for each role: ...@@ -301,86 +301,71 @@ The following table lists group permissions available for each role:
<!-- Keep this table sorted: first, by minimum role, then alphabetically. --> <!-- Keep this table sorted: first, by minimum role, then alphabetically. -->
| Action | Guest | Reporter | Developer | Maintainer | Owner | | Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
|-----------------------------------------------------------------------------------------|-------|----------|-----------|------------|-------| |-----------------------------------------------------------------------------------------|-------|----------|-----------|------------|-------|-------|
| Add an issue to an [epic](group/epics/index.md) | ✓ (7) | ✓ (7) | ✓ (7) | ✓ (7) | ✓ (7) | | Add an issue to an [epic](group/epics/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | You must have permission to [view the epic](group/epics/manage_epics.md#who-can-view-an-epic) and edit the issue. |
| Add/remove [child epics](group/epics/manage_epics.md#multi-level-child-epics) | ✓ (8) | ✓ | ✓ | ✓ | ✓ | | Add/remove [child epics](group/epics/manage_epics.md#multi-level-child-epics) | ✓ | ✓ | ✓ | ✓ | ✓ | You must have permission to [view](group/epics/manage_epics.md#who-can-view-an-epic) the parent and child epics. |
| Browse group | ✓ | ✓ | ✓ | ✓ | ✓ | | Browse group | ✓ | ✓ | ✓ | ✓ | ✓ | |
| Pull a container image using the dependency proxy | ✓ | ✓ | ✓ | ✓ | ✓ | | Pull a container image using the dependency proxy | ✓ | ✓ | ✓ | ✓ | ✓ | |
| Pull a container registry image | ✓ (6) | ✓ | ✓ | ✓ | ✓ | | Pull a container registry image | ✓ | ✓ | ✓ | ✓ | ✓ | Guests can only view events based on their individual actions. |
| View [group wiki](project/wiki/group.md) pages | ✓ (5) | ✓ | ✓ | ✓ | ✓ | | View [group wiki](project/wiki/group.md) pages | ✓ | ✓ | ✓ | ✓ | ✓ | Guests: In addition, if your group is public or internal, all users who can see the group can also see group wiki pages. |
| View [Insights](project/insights/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | | View [Insights](project/insights/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | |
| View [Insights](project/insights/index.md) charts | ✓ | ✓ | ✓ | ✓ | ✓ | | View [Insights](project/insights/index.md) charts | ✓ | ✓ | ✓ | ✓ | ✓ | |
| View [Issue analytics](analytics/issue_analytics.md) | ✓ | ✓ | ✓ | ✓ | ✓ | | View [Issue analytics](analytics/issue_analytics.md) | ✓ | ✓ | ✓ | ✓ | ✓ | |
| View Contribution analytics | ✓ | ✓ | ✓ | ✓ | ✓ | | View Contribution analytics | ✓ | ✓ | ✓ | ✓ | ✓ | |
| View group [epic](group/epics/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | | View group [epic](group/epics/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | |
| View value stream analytics | ✓ | ✓ | ✓ | ✓ | ✓ | | View value stream analytics | ✓ | ✓ | ✓ | ✓ | ✓ | |
| Create/edit group [epic](group/epics/index.md) | | ✓ | ✓ | ✓ | ✓ | | Create/edit group [epic](group/epics/index.md) | | ✓ | ✓ | ✓ | ✓ | |
| Create/edit/delete [epic boards](group/epics/epic_boards.md) | | ✓ | ✓ | ✓ | ✓ | | Create/edit/delete [epic boards](group/epics/epic_boards.md) | | ✓ | ✓ | ✓ | ✓ | |
| Create/edit/delete group milestones | | ✓ | ✓ | ✓ | ✓ | | Create/edit/delete group milestones | | ✓ | ✓ | ✓ | ✓ | |
| Create/edit/delete iterations | | ✓ | ✓ | ✓ | ✓ | | Create/edit/delete iterations | | ✓ | ✓ | ✓ | ✓ | |
| Manage group labels | | ✓ | ✓ | ✓ | ✓ | | Manage group labels | | ✓ | ✓ | ✓ | ✓ | |
| Pull [packages](packages/index.md) | | ✓ | ✓ | ✓ | ✓ | | Pull [packages](packages/index.md) | | ✓ | ✓ | ✓ | ✓ | |
| View [Group DevOps Adoption](group/devops_adoption/index.md) | | ✓ | ✓ | ✓ | ✓ | | View [Group DevOps Adoption](group/devops_adoption/index.md) | | ✓ | ✓ | ✓ | ✓ | |
| View [Productivity analytics](analytics/productivity_analytics.md) | | ✓ | ✓ | ✓ | ✓ | | View [Productivity analytics](analytics/productivity_analytics.md) | | ✓ | ✓ | ✓ | ✓ | |
| View metrics dashboard annotations | | ✓ | ✓ | ✓ | ✓ | | View metrics dashboard annotations | | ✓ | ✓ | ✓ | ✓ | |
| Publish [packages](packages/index.md) | | | ✓ | ✓ | ✓ | | Publish [packages](packages/index.md) | | | ✓ | ✓ | ✓ | |
| Remove a container registry image | | | ✓ | ✓ | ✓ | | Remove a container registry image | | | ✓ | ✓ | ✓ | |
| Create and edit [group wiki](project/wiki/group.md) pages | | | ✓ | ✓ | ✓ | | Create and edit [group wiki](project/wiki/group.md) pages | | | ✓ | ✓ | ✓ | |
| Create project in group | | | ✓ (2)(4) | ✓ (2) | ✓ (2) | | Create project in group | | | ✓ | ✓ | ✓ | Developers, Maintainers and Owners: Only if the project creation role is set at the [instance level](../administration/settings/visibility_and_access_controls.md#define-which-roles-can-create-projects) or the [group level](group/index.md#specify-who-can-add-projects-to-a-group).<br><br>Developers: Developers can push commits to the default branch of a new project only if the [default branch protection](group/manage.md#change-the-default-branch-protection-of-a-group) is set to "Partially protected" or "Not protected". |
| Create/edit/delete metrics dashboard annotations | | | ✓ | ✓ | ✓ | | Create/edit/delete metrics dashboard annotations | | | ✓ | ✓ | ✓ | |
| Use [security dashboard](application_security/security_dashboard/index.md) | | | ✓ | ✓ | ✓ | | Use [security dashboard](application_security/security_dashboard/index.md) | | | ✓ | ✓ | ✓ | |
| View group Audit Events | | | ✓ (6) | ✓ (6) | ✓ | | View group Audit Events | | | ✓ | ✓ | ✓ | Developers and Maintainers can only view events based on their individual actions. |
| Delete [group wiki](project/wiki/group.md) pages | | | ✓ | ✓ | ✓ | | Delete [group wiki](project/wiki/group.md) pages | | | ✓ | ✓ | ✓ | |
| Create subgroup | | | | ✓ (1) | ✓ | | Create subgroup | | | | ✓ | ✓ | Maintainers: Only if users with the Maintainer role are [allowed to create subgroups](group/subgroups/index.md#change-who-can-create-subgroups).
| Create/edit/delete [Maven and generic package duplicate settings](packages/generic_packages/index.md#do-not-allow-duplicate-generic-packages) | | | | ✓ | ✓ | | Create/edit/delete [Maven and generic package duplicate settings](packages/generic_packages/index.md#do-not-allow-duplicate-generic-packages) | | | | ✓ | ✓ | |
| Create/edit/delete dependency proxy [cleanup policies](packages/dependency_proxy/reduce_dependency_proxy_storage.md#cleanup-policies) | | | | ✓ | ✓ | | Create/edit/delete dependency proxy [cleanup policies](packages/dependency_proxy/reduce_dependency_proxy_storage.md#cleanup-policies) | | | | ✓ | ✓ | |
| Delete [packages](packages/index.md) | | | | ✓ | ✓ | | Delete [packages](packages/index.md) | | | | ✓ | ✓ | |
| Edit [epic](group/epics/index.md) comments (posted by any user) | | | | ✓ | ✓ | | Edit [epic](group/epics/index.md) comments (posted by any user) | | | | ✓ | ✓ | |
| Enable/disable a dependency proxy | | | | ✓ | ✓ | | Enable/disable a dependency proxy | | | | ✓ | ✓ | |
| Enable/disable package request forwarding | | | | ✓ | ✓ | | Enable/disable package request forwarding | | | | ✓ | ✓ | |
| Fork project into a group | | | | ✓ | ✓ | | Fork project into a group | | | | ✓ | ✓ | |
| List group deploy tokens | | | | ✓ | ✓ | | List group deploy tokens | | | | ✓ | ✓ | |
| Manage [group approval rules](project/merge_requests/approvals/settings.md) (group settings) | | | | ✓ | ✓ | | Manage [group approval rules](project/merge_requests/approvals/settings.md) (group settings) | | | | ✓ | ✓ | |
| Manage [group push rules](group/access_and_permissions.md#group-push-rules) | | | | ✓ | ✓ | | Manage [group push rules](group/access_and_permissions.md#group-push-rules) | | | | ✓ | ✓ | |
| View group runners | | | | ✓ | ✓ | | View group runners | | | | ✓ | ✓ | |
| View/manage group-level Kubernetes cluster | | | | ✓ | ✓ | | View/manage group-level Kubernetes cluster | | | | ✓ | ✓ | |
| Change group visibility level | | | | | ✓ | | Change group visibility level | | | | | ✓ | |
| Create and manage compliance frameworks | | | | | ✓ | | Create and manage compliance frameworks | | | | | ✓ | |
| Create/Delete group deploy tokens | | | | | ✓ | | Create/Delete group deploy tokens | | | | | ✓ | |
| Delete group | | | | | ✓ | | Delete group | | | | | ✓ | |
| Delete group [epic](group/epics/index.md) | | | | | ✓ | | Delete group [epic](group/epics/index.md) | | | | | ✓ | |
| Disable notification emails | | | | | ✓ | | Disable notification emails | | | | | ✓ | |
| Edit [SAML SSO](group/saml_sso/index.md) | | | | | ✓ (3) | | Edit [SAML SSO](group/saml_sso/index.md) | | | | | ✓ | Does not apply to subgroups |
| Edit group settings | | | | | ✓ | | Edit group settings | | | | | ✓ | |
| Configure project templates | | | | | ✓ | | Configure project templates | | | | | ✓ | |
| Filter members by 2FA status | | | | | ✓ | | Filter members by 2FA status | | | | | ✓ | |
| Manage [subscriptions, and purchase storage and compute minutes](../subscriptions/gitlab_com/index.md) | | | | | ✓ | | Manage [subscriptions, and purchase storage and compute minutes](../subscriptions/gitlab_com/index.md) | | | | | ✓ | |
| Manage group level CI/CD variables | | | | | ✓ | | Manage group level CI/CD variables | | | | | ✓ | |
| Manage group members | | | | | ✓ | | Manage group members | | | | | ✓ | |
| Manage group runners | | | | | ✓ | | Manage group runners | | | | | ✓ | |
| Manage group-level custom roles | | | | | ✓ | | Manage group-level custom roles | | | | | ✓ | |
| [Migrate groups](group/import/index.md) | | | | | ✓ | | [Migrate groups](group/import/index.md) | | | | | ✓ | |
| Purge the dependency proxy for a group | | | | | ✓ | | Purge the dependency proxy for a group | | | | | ✓ | |
| Share (invite) groups with groups | | | | | ✓ | | Share (invite) groups with groups | | | | | ✓ | |
| View [Billing](../subscriptions/gitlab_com/index.md#view-your-gitlab-saas-subscription) | | | | | ✓ (3) | | View [Billing](../subscriptions/gitlab_com/index.md#view-your-gitlab-saas-subscription) | | | | | ✓ | Does not apply to subgroups |
| View 2FA status of members | | | | | ✓ | | View 2FA status of members | | | | | ✓ | |
| View group [Usage Quotas](usage_quotas.md) page | | | | | ✓ (3) | | View group [Usage Quotas](usage_quotas.md) page | | | | | ✓ | Does not apply to subgroups |
<!-- markdownlint-disable MD029 -->
1. Groups can be set to allow either Owners, or Owners and users with the Maintainer role, to [create subgroups](group/subgroups/index.md#create-a-subgroup).
2. Default project creation role can be changed at:
- The [instance level](../administration/settings/visibility_and_access_controls.md#define-which-roles-can-create-projects).
- The [group level](group/index.md#specify-who-can-add-projects-to-a-group).
3. Does not apply to subgroups.
4. Developers can push commits to the default branch of a new project only if the [default branch protection](group/manage.md#change-the-default-branch-protection-of-a-group) is set to "Partially protected" or "Not protected".
5. In addition, if your group is public or internal, all users who can see the group can also see group wiki pages.
6. Users can only view events based on their individual actions.
7. You must have permission to [view the epic](group/epics/manage_epics.md#who-can-view-an-epic) and edit the issue.
8. You must have permission to [view](group/epics/manage_epics.md#who-can-view-an-epic) the parent and child epics.
<!-- markdownlint-enable MD029 -->
### Subgroup permissions ### Subgroup permissions
......
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册