Add further abilities to tweak project/group permissions

ZD Reference https://gitlab.zendesk.com/tickets/35725

We need to have private groups and private repos, which is a perfectly valid security need. That said, in such a model GitLab cannot and does not support any interactive mechanism for users to request access, which is desirable. Noone can request access for a group which can’t even be seen, and the same holds true for a repository.

I believe that you could offer the ‘Request Access’ button at both group and project levels, even for Private settings, if you provided both external and internal visibility settings at the group and repository/project levels: External determines whether the object (group or repository) can be seen, and internal determines whether its contents (repositories or files) can be seen.

In this model, groups which are internally private but externally ‘Internal’ could be seen by logged-in users, who could request access. If they are externally private, they are only visible to members. If they are externally Public, anyone can see them and request access. The same paradigm would apply to projects/repositories, with the internal contents being files.

2 features that can be discussed:

• Separate visibility levels for internal/external access:
  • Ability to see project page
  • Ability to see project repository
  • Ability to see project discussions
• Create a "Elevate permissions" feature that allows project members to request access to another permission level.