Show a project like it would look to another user
Description
We are running gitlab enterprise edition 9.3.10-ee 0bc63797 and often users struggle setting up permissions of their projects correctly (internal vs. private, and access levels). This either ends up with settings that are too permissive (people from other groups who shouldn’t see the group-internal things can see too much, unclear if harm was done), too restrictive (usually ends up with reports from users who should have read / push access but don’t, and then one has to wait for the owner to be back at their emails), or project owners are frustrated about having to find users from their group to verify they can see all they should see, and to find people from other groups they cannot see what they shouldn’t see.
Proposal
It occured to us that facebook has a “view my page as it looks to …” feature, where one can verify oneself what is visible to whom. We are only thinking about the webpage functionalities (mainly because we're concerned about verifying read accesses and assume that all that can be accessed through git can also be seen on the webpage).
Links / references
i believe i didn't understand the meaning of the forum correctly, where i posted this previously
Documentation blurb
Overview
This allows verifying the correctness of permission settings on gitlab without having to find users from different groups and stealing co-workers' time.
Use cases
This is relevant for businesses/labs/universities with complicated hierarchies, where e.g. read access should be granted within a division, but other divisions must not have read access, write access should only be granted within a team, and some projects are world readable. In this situation "internal" is highly ambiguous for the novice user, who would normally think internal to their division and accidentially leak data to other divisions.
Feature checklist
Make sure these are completed before closing the issue, with a link to the relevant commit.
-
View for not-logged in user -
View for logged-in user w/o any group memberships -
View for logged-in user in a specific group