Project visibility bug when admin sets restricted value
Summary
If the admin has restricted the project repos visibility, say to only allow private repos, and then sets a certain project to be a restricted value, a non-admin user (say master of the project) can unwittingly change the project visibility because the drop-down automatically selects the only available entry.
Steps to reproduce
- As admin, restrict users in settings such that they can only create private repo's.
- As admin, change a users private repo to a public one.
- As non-admin user, edit settings in the same section as repo visibility.
- Observe the project visibility will now be private again.
What is the current bug behavior?
Drop-down in project settings automatically selects the only available option for user, which maybe changing it from an admin's earlier change.
What is the expected correct behavior?
Restricted values that admin users have overridden should become greyed out. (suggestion)
Results of GitLab environment info
Expand for output related to GitLab environment info
(For installations with omnibus-gitlab package run and paste the output of:
sudo gitlab-rake gitlab:env:info
)
Results of GitLab application Check
Expand for output related to the GitLab application check
System information System: Ubuntu 16.04 Current User: git Using RVM: no Ruby Version: 2.3.3p222 Gem Version: 2.6.6 Bundler Version:1.13.7 Rake Version: 12.0.0 Redis Version: 3.2.5 Git Version: 2.13.5 Sidekiq Version:5.0.4 Go Version: unknown
GitLab information Version: 9.5.4 Revision: fbffc27 Directory: /opt/gitlab/embedded/service/gitlab-rails DB Adapter: postgresql URL: https://git.cs.sun.ac.za HTTP Clone URL: https://git.cs.sun.ac.za/some-group/some-project.git SSH Clone URL: git@git.cs.sun.ac.za:some-group/some-project.git Using LDAP: no Using Omniauth: yes Omniauth Providers: cas3
GitLab Shell Version: 5.8.0 Repository storage paths:
- default: /var/opt/gitlab/git-data/repositories Hooks: /opt/gitlab/embedded/service/gitlab-shell/hooks Git: /opt/gitlab/embedded/bin/git
Possible fixes
Grey out the options an admin has forced to restricted value.
More Info
This is a community install at a university, as such the admin cannot let any user create public repo's, however, some project should be public, thus the admin can re requested to make sure projects public.
Images
Admin Settings
Admins view in project
Admin has set the project to public.
Users view in project
If the user changes other settings and saves them, project becomes private again.