2019-09-02 - Triage report for "group::access"

Hi, @jeremy @dennis @lmcandrew

This is a group or stage level triage package that aims to summarize the feature proposals and bugs which have not been scheduled or triaged. For more information please refer to the handbook:

• https://about.gitlab.com/handbook/engineering/quality/triage-operations/index.html#triage-packages

Scheduling the workload is a collaborative effort by the Product Managers and Engineering Managers for that group. Please work together to provide a best estimate on priority and milestone assignments. For each issue please:

• Determine if the issue should be closed if it is no longer relevant or a duplicate.
• If it is still relevant please assign either a best estimate versioned milestone, the %Backlog or the %Awaiting further demand milestone.
• Specifically for ~bug, if there is no priority or clarity on a versioned milestone, please add a Priority label. Priority labels have an estimate SLO attached to them and help team members and the wider community understand roughly when it will be considered to be scheduled.
  • https://gitlab.com/gitlab-org/gitlab-ce/blob/master/doc/development/contributing/issue_workflow.md#priority-labels
• Once a milestone has been assigned please check off the box for that issue.
• Please work with your team to complete the list by the due date set.

Feature Proposal Section

For the following feature proposals. Please either close or assign either a versioned milestone, the %Backlog or the %Awaiting further demand milestone.

Unscheduled ~feature with customer

• #66361 (moved) Allow for overriding the "Restricted visibility levels" at the group layer ~"S3", ~"bug", customer, devopsmanage, ~"feature", ~"group::access", ~"groups", project creation
• #65954 (moved) Audit logs for CI / CD variables Manage [DEPRECATED], ~"audit events", customer, devopsmanage, ~"enhancement", ~"feature", ~"group::access"
• #65077 (moved) Allow Terms of Service to link to public repository on same GitLab Instance Manage [DEPRECATED], ~"P4", ~"S4", customer, devopsmanage, ~"feature", ~"group::access"
• #64964 (moved) Disable option to upload ssh keys by users in their profile Manage [DEPRECATED], customer, devopsmanage, ~"feature", ~"group::access", ~"user management", user profile
• #64771 (moved) Configure session timeouts with Okta SSO customer, devopsmanage, ~"feature", ~"group::access"
• #64517 (moved) Get list of runners associated with specific group Manage [DEPRECATED], api, customer, customer+, devopsmanage, ~"feature", ~"group::access", ~"groups"
• #64056 (moved) Create Alert/Notification When Username is Modified (LDAP Integration) customer, devopsmanage, ~"feature", ~"group::access"
• #63868 (moved) Missing System Hook Event for Role Change on a Project/Group Manage [DEPRECATED], customer, devopsmanage, ~"feature", ~"group::access", ~"groups", ~"user management", ~"webhooks"
• #63123 (moved) Add API endpoint to get users without projects Manage [DEPRECATED], api, customer, devopsmanage, ~"feature", ~"group::access"
• #62623 (moved) Add API ability to disabled shared runners ~"Category:Runner", Manage [DEPRECATED], api, customer, devopsmanage, ~"feature", gitlab.com, ~"group::access", movingtogitlab
• #62428 (moved) Detach global deploy keys from admin user who created them Manage [DEPRECATED], customer, devopsmanage, ~"feature", ~"group::access"
• #61407 (moved) Allow admins to format email notifications sent to users Manage [DEPRECATED], admin dashboard, customer, devopsmanage, emails, ~"feature", ~"group::access"
• #60350 (moved) Please add the ability to always show the user's E-Mail (not public_email) Manage [DEPRECATED], customer, devopsmanage, ~"feature", ~"group::access", ~"user management"
• #59473 (moved) Docs feedback - feature proposal: ADFS oAuth2 Authentication Manage [DEPRECATED], authentication, customer, devopsmanage, ~"feature", ~"group::access", oauth, ~"user management"
• #56923 (moved) Transfering groups does not warn in the same way than transfering projects does Manage [DEPRECATED], customer, devopsmanage, ~"feature", ~"group::access", ~"groups"

---

Unscheduled ~feature (non-customer)

• #66709 (moved) Option to filter add member autocomplete for private repositories devopscreate, ~"feature", ~"group::access"
• #66595 (moved) Add ability to limit Broadcast Messages to a project or group devopsmanage, ~"feature", ~"group::access"
• #66422 (moved) Configure Admin users as Grafana Admins authentication, devopsmanage, ~"feature", ~"group::access"
• #66301 (confidential) ~"(confidential)"
• #66201 (moved) UX proposal: redesign mobile sidebar to streamline navigation UX, devopsmanage, ~"feature", ~"group::access"
• #66053 (moved) Blocked users still participate (appear) in a groups activities devopsmanage, ~"feature", ~"group::access", ~"user management"
• #65929 (moved) read_user scope should be able to access /api/v4/version URL api, devopsmanage, ~"feature", ~"group::access"
• #65767 (moved) GET /users/:id/notification_settings (for admins) Manage [DEPRECATED], api, devopsmanage, ~"feature", ~"group::access"
• #65679 (moved) Provide a contact form to contact users while keeping their e-mail address private devopsmanage, emails, ~"feature", ~"group::access"
• #65668 (moved) Private Repo Forks should be visible by default to members of the parent repo Manage [DEPRECATED], devopsmanage, ~"feature", forking, ~"group::access"
• #65347 (moved) Move towards short session timeouts Manage [DEPRECATED], authentication, devopsmanage, ~"feature", ~"group::access"
• #65010 (moved) Project pipeline status for default branch visible from group view Manage [DEPRECATED], devopsmanage, ~"feature", ~"group::access", ~"groups"
• #64846 (moved) Extend project creation permissions in Group to all users devopsmanage, ~"feature", ~"group::access", permissions, project
• #64744 (moved) Make group developer-level members maintainers on projects they create Manage [DEPRECATED], devopsmanage, ~"feature", ~"group::access", ~"user management"
• #64668 (moved) Add option to create-user to disallow numeric increases in usernames devopsmanage, ~"feature", ~"group::access"

---

Bug Section

For the following bugs. Please either close or assign either a versioned milestone, the %Backlog or the %Awaiting further demand milestone and ensure that a priority label is set.

Heatmap for all bugs

Bugs for their priority and severity label are counted here. Every bug should have severity and priority labels applied. Please take a look at the bugs which fall into the columns indicating that the priority or severity labels are currently missing.

	~S1	~S2	~S3	~S4	~"No severity"
~P1	0	0	0	0	1
~P2	0	10	2	0	0
~P3	0	9	62	12	2
~P4	0	1	44	40	0
~"No priority"	0	3	22	21	84

---

Unscheduled frontend ~bug with customer

• #62567 (moved) Enabled OAuth sign-in sources has confusing UI for disabling / enabling Omniauth providers Manage [DEPRECATED], UX, ~"bug", customer, devopsmanage, frontend, ~"group::access"
• #57472 (moved) Failing to transfer a group causes UI expand buttons to lock Manage [DEPRECATED], ~"P3", ~"S3", ~"bug", customer, devopsmanage, frontend, ~"group::access", subgroups
• #41081 (moved) Admin Users not sorted by "name" as highlighted Manage [DEPRECATED], ~"P3", ~"Platform [DEPRECATED]", ~"S3", UX, admin dashboard, ~"bug", customer, default-priority, default-severity, devopsmanage, frontend, ~"group::access", ~"user management"

---

Unscheduled frontend ~bug (non-customer)

• #65374 (moved) Avatar/profile picture position of assignee on issue creation Manage [DEPRECATED], ~"S4", ~"bug", devopsmanage, frontend, ~"group::access"
• #64750 (moved) Layout width description has two percent symbols ~"S4", ~"bug", devopsmanage, frontend, ~"group::access"
• #64674 (moved) Avatar consistency Manage [DEPRECATED], ~"S4", UI polish, ~"bug", devopsmanage, frontend, ~"group::access"
• #64512 (moved) Description in Group's projects list is overflown Manage [DEPRECATED], ~"S4", UX, ~"bug", devopsmanage, frontend, ~"group::access"
• #64349 (moved) Edit status modal displays all empty states at once Manage [DEPRECATED], ~"bug", devopsmanage, frontend, ~"group::access", regression, regression:12.1, reproduced on GitLab.com, user profile
• #63384 (moved) Showing horizontal scroll bar in private profile Manage [DEPRECATED], ~"bug", devopsmanage, frontend, ~"group::access", reproduced on GitLab.com, user profile
• #63268 (moved) On new project, modifying project name field updates project slug even if slug is customized Manage [DEPRECATED], UX, ~"bug", devopsmanage, frontend, ~"group::access", project, reproduced on GitLab.com, settings
• #62993 (moved) Group icon missing on small viewports on profile page Manage [DEPRECATED], ~"S4", UX, ~"bug", devopsmanage, frontend, ~"group::access", user profile
• #62677 (moved) Filter by author is not working when you change a search or sorting filter in Todos Manage [DEPRECATED], UX, ~"bug", devopsmanage, frontend, ~"group::access", todos
• #62240 (moved) Smiley as first char in group name breaks group icon Manage [DEPRECATED], UX, ~"bug", devopsmanage, frontend, ~"group::access", ~"groups"
• #62155 (moved) Large Branch name breaks UI in the settings page Manage [DEPRECATED], ~"S4", UI polish, ~"bug", devopsmanage, frontend, ~"group::access"
• #62136 (moved) Project Icons are not displaying for some projects in explore page Manage [DEPRECATED], awaiting feedback, ~"bug", devopsmanage, frontend, ~"group::access"
• #62135 (moved) Long Branch name breaks profile page activity design Manage [DEPRECATED], ~"S4", UI polish, ~"bug", devopsmanage, frontend, ~"group::access"
• #61998 (moved) Important parts of the top nav truncated on mobile Safari Manage [DEPRECATED], UX, ~"bug", devopsmanage, frontend, ~"group::access"
• #57966 (moved) Impersonation dropdown style is broken Manage [DEPRECATED], ~"P4", ~"S4", UX, admin dashboard, ~"bug", devopsmanage, frontend, global nav, ~"group::access", workflowverification

---

Unscheduled ~bug with customer

• #66361 (moved) Allow for overriding the "Restricted visibility levels" at the group layer ~"S3", ~"bug", customer, devopsmanage, ~"feature", ~"group::access", ~"groups", project creation
• #65002 (moved) 500 Internal Server Error: GET https://gitlab.com/api/v4/groups/group_id Manage [DEPRECATED], api, ~"bug", customer, devopsmanage, ~"group::access"
• #64872 (moved) Unblocked users cannot see group projects added while they are blocked ~"S4", ~"bug", customer, devopsmanage, ~"group::access"
• #63152 (moved) ActiveRecord::StatementInvalid: PG::QueryCanceled: ERROR: canceling statement due to statement timeout Manage [DEPRECATED], ~"bug", customer, devopsmanage, ~"group::access", reproduced on GitLab.com
• #62724 (moved) 500 error when deleting group web hook - ActiveRecord::StatementInvalid: PG::QueryCanceled: ERROR: canceling statement due to statement timeout Manage [DEPRECATED], ~"P4", ~"S3", ~"bug", customer, devopsmanage, ~"group::access", ~"webhooks"
• #57552 (confidential) ~"(confidential)"
• #56502 (moved) Group owner role do not override project role if it was created after Manage [DEPRECATED], ~"bug", customer, devopsmanage, ~"group::access", permissions, project
• #53355 (moved) With SAML + LDAP error occurs if LDAP does not have an email address value Manage [DEPRECATED], ~"P3", ~"S3", ~"bug", customer, devopsmanage, ~"group::access", ldap
• #52373 (moved) System Hook not triggered for blocked LDAP user using 2FA Manage [DEPRECATED], ~"P4", ~"S3", ~"bug", customer, devopsmanage, ~"group::access", ldap
• #52162 (moved) Blocked users not given project permissions when project is shared with their group Manage [DEPRECATED], ~"P4", ~"S4", api, ~"bug", customer, devopsmanage, ~"group::access", project
• #50820 (moved) Moved subgroups don't inherit new permissions Manage [DEPRECATED], ~"P4", ~"S4", backend, ~"bug", customer, devopsmanage, ~"group::access", ~"groups", reproduced on GitLab.com
• #50292 (moved) NPE on sign-in via SAML if user lacks access rights on IdP Manage [DEPRECATED], ~"P4", ~"S3", ~"bug", customer, devopsmanage, ~"group::access", saml
• #50112 (moved) Project transfer keeps project member permissions Manage [DEPRECATED], ~"P3", ~"S3", ~"bug", customer, devopsmanage, ~"group::access", ~"groups", permissions, reproduced on GitLab.com
• #49385 (moved) API Issue creation not allowing created_at for group owners Manage [DEPRECATED], ~"P4", ~"S3", api, ~"bug", customer, devopsmanage, ~"group::access", ~"groups", permissions
• #46208 (moved) Managing ldap block in a dual-provider environment Manage [DEPRECATED], ~"S3", authentication, ~"bug", customer, devopsmanage, ~"group::access", ldap

---

Unscheduled ~bug (non-customer)

• #66770 (closed) Admin page timing out with User.active.count BusinessOPS, ~"P1", admin dashboard, backend, ~"bug", devopsmanage, ~"group::access", ~"performance"
• #66713 (moved) Gilab API issue: can't retrieve a group that created with full numbers ~"S4", ~"bug", devopsmanage, ~"group::access", ~"groups"
• #66683 (moved) Maintainer access not correctly displayed when search project members ~"bug", devopsmanage, ~"group::access"
• #66529 (moved) Group permissions inheritance wrong displayed/calculated ~"S3", ~"bug", devopsmanage, ~"group::access", permissions
• #66509 (moved) Unable to logout when using an oauth2 provider (Keycloak) ~"bug", devopsmanage, ~"group::access", oauth
• #66459 (moved) Private Project count on Public Group ~"S3", ~"bug", devopsmanage, ~"group::access", project, reproduced on GitLab.com
• #66434 (moved) Plaintext json output after using back button ~"S4", ~"bug", devopsmanage, ~"group::access", project
• #66345 (moved) OpenSSL PKey error thrown when generating ID token for oauth2 ~"S3", ~"bug", devopsmanage, ~"group::access"
• #66326 (moved) Backup upload timeouts prevent cleanup and fill disc space ~"S3", ~"backup-restore", ~"bug", devopsmanage, ~"group::access"
• #66275 (moved) Searching a user returns "extern_uid, provider provide all or none of parameters" for an omniauth-oauth2-generic user. ~"P4", ~"S4", ~"bug", devopsmanage, ~"group::access"
• #66012 (moved) Member expiration time incorrect calculation ~"S3", ~"bug", devopsmanage, ~"group::access"
• #65501 (moved) Cannot send E-mails in some cases ~"S3", authentication, ~"bug", devopsmanage, emails, ~"group::access"
• #65309 (moved) Gitlab push/pull using personal access token failed ~"S3", ~"bug", devopsmanage, ~"group::access", personal access tokens
• #65185 (moved) Admin project controller should notify on transfer error ~"S4", ~"bug", devopsmanage, ~"group::access", project
• #65172 (moved) Can't mention groups Plan [DEPRECATED], ~"S4", ~"bug", devopsplan, ~"group::access"

---

Heatmap for ~missed-SLO bugs

	~S1	~S2	~S3	~S4
~P1	0	0	0	0
~P2	0	5	1	0
~P3	0	0	0	0
~P4	0	0	0	0

---

---

This is a group level triage package that aims to collate the latest bug reports (for frontend and otherwise) and feature proposals. For more information please refer to the handbook:

• https://about.gitlab.com/handbook/engineering/quality/triage-operations/index.html#triage-packages