Auditor user with read-only access

Resources

FE/BE @timothyandrew | UX @cperessini

Requirements

  • As a system admin, create a user in a special role called Auditor.
  • The user has read access to all projects and groups, and all the components therein (issues, merge requests, etc.). The user cannot create or make any changes to these existing components.
  • This is the view of the access section in the new user menu.
    • There should be a new option to set the user as an Auditor.

Design

Remove the checkbox for Admin user type and add radio buttons for Admin, Auditor and Regular user types.

Since a user cannot be External if they are Admin or Auditor, that checkbox will be disabled unless the user has the Regular access level.

Original description

Zendesk ticket: https://gitlab.zendesk.com/agent/tickets/29453

Customer is requesting that we add the option for global read-only users. In this case, the compliance department wants to run tests against the entire GitLab base to ensure users are complying with password, credit card, and other sensitive data policies. The only options currently are to 1) give them admin rights or 2) use the API to add their user to all projects.

cc/ @JobV What do you think?