2020-01-27 - Triage report for "group::access"
Hi, @jeremy @dennis @lmcandrew @amandakhughes
This is a group or stage level triage package that aims to summarize the feature proposals and bugs which have not been scheduled or triaged. For more information please refer to the handbook:
Scheduling the workload is a collaborative effort by the Product Managers and Engineering Managers for that group. Please work together to provide a best estimate on priority and milestone assignments. For each issue please:
- Determine if the issue should be closed if it is no longer relevant or a duplicate.
- If it is still relevant please assign either a best estimate versioned milestone, the %Backlog or the %Awaiting further demand milestone.
- Specifically for ~bug, if there is no priority or clarity on a versioned milestone, please add a Priority label. Priority labels have an estimated SLO attached to them and help team members and the wider community understand roughly when the issue will be considered for scheduling.
- Once a milestone has been assigned please check off the box for that issue.
- Please work with your team to complete the list by the due date set.
Feature Proposal Section
For the following feature proposals, please either close them or assign a versioned milestone, the %Backlog milestone or the %Awaiting further demand milestone.
Unscheduled feature with customer
- #118479 (closed) Ability to download user data from .com accounts to CSV ~"Category:Authentication and Authorization", customer, devopsmanage, feature, ~"group::access"
- #39123 Additional LDAP login form customization customer, devopsmanage, feature, ~"group::access", ldap
- #36802 Groups provisioning using SAML SSO authentication, customer, devopsmanage, ~"enhancement", feature, ~"group::access", saml
- #36676 Hide ability to invite members to groups where SSO is enforced ~"Category:Authentication and Authorization", Enterprise Edition, customer, devopsmanage, feature, gitlab.com, ~"group::access"
- #36192 Account for Okta's LDAP Interface implementation quirks customer, devopsmanage, feature, ~"group::access", ldap
- #35001 (closed) Improved Admin Dashboard with User Information ~"Category:Authentication and Authorization", customer, devopsmanage, feature, ~"group::access"
- #33143 (closed) Group members domain whitelist should allow multiple domains ~"Category:Authentication and Authorization", auto updated, customer, devopsmanage, feature, ~"group::access", potential proposal
- #21862 Groups SSO SAML: Support for Duo Access Gateway customer, devopsmanage, feature, gitlab.com, ~"group::access", saml
- #14729 (closed) Group Deploy Tokens/Keys ~"Category:Authentication and Authorization", Enterprise Edition, customer, devopsmanage, feature, ~"group::access", settings
- #30857 (closed) Audit logs for CI / CD variables Category:Audit Events, ~"Category:Authentication and Authorization", Manage [DEPRECATED], customer, devopsmanage, ~"enhancement", feature, ~"group::access"
- #30409 (closed) Allow Terms of Service to link to public repository on same GitLab Instance ~"Category:Authentication and Authorization", Manage [DEPRECATED], ~"P4", ~"S4", customer, devopsmanage, feature, ~"group::access"
- #12975 (closed) The field "Enter new password" in Service Templates pages should show asterisks in the password field ~"Category:Authentication and Authorization", Enterprise Edition, Manage [DEPRECATED], UX, customer, devopsmanage, feature, frontend, ~"group::access", settings
- #30219 Configure session timeouts with Okta SSO ~"Category:Authentication and Authorization", customer, devopsmanage, feature, ~"group::access"
- #29842 Create Alert/Notification When Username is Modified (LDAP Integration) ~"Category:Authentication and Authorization", customer, devopsmanage, feature, ~"group::access"
- #12153 (closed) ForgeRock Identity Provider - for SAML/SCIM SSO-enabled group management Enterprise Edition, Manage [DEPRECATED], authentication, customer, devopsmanage, ~"enhancement", feature, gitlab.com, ~"group::access", saml, scim
Unscheduled feature (non-customer)
- #198634 (closed) Unique login-URLs (browser shortcuts) for people with multiple accounts ~"Category:Authentication and Authorization", ~"devops", feature, ~"group::access"
- #198054 Docs feedback: More detail in the GitLab Docs > GitLab integrations > SAML OmniAuth Provider ~"Category:Authentication and Authorization", authentication, devopsmanage, documentation, feature, ~"group::access", saml
- #197969 (closed) Allow unauthenticated access to GPG keys [Follow up of #17569 (closed)] ~"Category:Authentication and Authorization", api, devopsmanage, feature, ~"group::access"
- #196248 (closed) Simplify Projects page by separating All and Personal section ~"Category:Authentication and Authorization", devopsmanage, feature, ~"group::access"
- #196244 (closed) Set up a properly capitalized label for Microsoft OAuth2 ~"Category:Authentication and Authorization", devopsmanage, feature, ~"group::access"
- #121595 Include fork information in GraphQL Repository response ~"Category:Authentication and Authorization", GraphQL, devopsmanage, feature, forking, ~"group::access", project
- #118873 Allow reporters to create projects in a group ~"Category:Authentication and Authorization", devopsmanage, feature, ~"group::access", permissions
- #39482 (closed) Add avatar to Ghost user ~"Category:Authentication and Authorization", ~"component::avatars", devopsmanage, feature, ~"group::access"
- #39463 (closed) Allow 'Guest' role to read and pull from private repositories ~"Category:Authentication and Authorization", devopsmanage, feature, ~"group::access"
- #39207 (closed) Group Managed Accounts API returning admin-like Member data api, backend, devopsmanage, feature, ~"group::access", saml, scim
- #39203 Support multiple SCIM tokens ~"Category:Authentication and Authorization", backend, devopsmanage, feature, ~"group::access", scim
- #39040 (closed) Custom instance-wide bot accounts ~"Category:Authentication and Authorization", devopsmanage, feature, ~"group::access"
- #38543 Include statistics section in project API for public projects ~"Category:Authentication and Authorization", api, devopsmanage, feature, ~"group::access"
- #38113 (closed) Consider supporting additional SAML assertion formats devopsmanage, feature, ~"group::access", saml
- #38112 (closed) Verify SAML config should display required assertions when Group Managed Accounts is enabled authentication, devopsmanage, feature, gitlab.com, ~"group::access", saml
Unscheduled UX Debt Issues
- #29200 (closed) Follow-up from "Fix alignment of resend button in members page" ~"Category:Authentication and Authorization", Manage [DEPRECATED], UX debt, devopsmanage, frontend, ~"group::access"
- #20456 Better Feedback For 2 Factor Auth With HTTP 2FA, UX debt, devopsmanage, ~"group::access"
Bug Section
For the following bugs, please either close them or assign a versioned milestone, the %Backlog milestone or the %Awaiting further demand milestone, and ensure that a priority label is set.
Heatmap for all bugs
Bugs are counted here by their priority and severity labels. Every bug should have severity and priority labels applied. Please take a look at the bugs which fall into the row or column indicating that the priority or severity label is currently missing.
| | ~S1 | ~S2 | ~S3 | ~S4 | ~"No severity" |
|---|---|---|---|---|---|
| ~P1 | 2 | 0 | 0 | 0 | 0 |
| ~P2 | 3 | 8 | 0 | 0 | 0 |
| ~P3 | 0 | 2 | 46 | 6 | 2 |
| ~P4 | 1 | 2 | 35 | 25 | 0 |
| ~"No priority" | 0 | 10 | 43 | 40 | 85 |
Unscheduled frontend ~bug with customer
- #29126 (closed) Enabled OAuth sign-in sources has confusing UI for disabling / enabling Omniauth providers ~"Category:Authentication and Authorization", Manage [DEPRECATED], UX, ~"bug", customer, devopsmanage, frontend, ~"group::access"
Unscheduled frontend ~bug (non-customer)
- #39532 (closed) Search in Productivity Analytics is buggy ~"Category:Authentication and Authorization", ~"S4", ~"bug", devopsmanage, frontend, ~"group::access"
- #38355 (closed) User popovers don't work in system notes ~"Category:Authentication and Authorization", ~"S4", ~"bug", devopsmanage, frontend, ~"group::access"
- #35125 (closed) Extra trailing %hr when using LDAP without smartcard ~"bug", devopsmanage, frontend, ~"group::access", ldap
- #34961 (closed) Autofocus authentication-code field during login ~"Category:Authentication and Authorization", ~"S4", ~"bug", devopsmanage, frontend, ~"group::access"
- #30561 (closed) Avatar/profile picture position of assignee on issue creation ~"Category:Authentication and Authorization", Manage [DEPRECATED], ~"S4", ~"bug", devopsmanage, frontend, ~"group::access"
- #30169 (closed) Avatar consistency ~"Category:Authentication and Authorization", Manage [DEPRECATED], ~"S4", UI polish, ~"bug", devopsmanage, frontend, ~"group::access"
- #30090 (closed) Description in Group's projects list is overflown ~"Category:Authentication and Authorization", Manage [DEPRECATED], ~"S4", UX, ~"bug", devopsmanage, frontend, ~"group::access"
- #12640 (closed) Externalized string using namespaces in new user form in admin area is missing required prefix ~"Category:Authentication and Authorization", Enterprise Edition, Manage [DEPRECATED], UI polish, ~"bug", devopsmanage, frontend, ~"group::access"
- #29511 (closed) On new project, modifying project name field updates project slug even if slug is customized ~"Category:Authentication and Authorization", Manage [DEPRECATED], UX, ~"bug", devopsmanage, frontend, ~"group::access", project, reproduced on GitLab.com, settings
- #29187 (closed) Filter by author is not working when you change a search or sorting filter in Todos ~"Category:Authentication and Authorization", Manage [DEPRECATED], UX, ~"bug", devopsmanage, frontend, ~"group::access", todos
- #28884 (closed) Large Branch name breaks UI in the settings page ~"Category:Authentication and Authorization", Manage [DEPRECATED], ~"S4", UI polish, ~"bug", devopsmanage, frontend, ~"group::access"
- #28875 (closed) Project Icons are not displaying for some projects in explore page ~"Category:Authentication and Authorization", Manage [DEPRECATED], awaiting feedback, ~"bug", devopsmanage, frontend, ~"group::access"
- #28874 (closed) Long Branch name breaks profile page activity design ~"Category:Authentication and Authorization", Manage [DEPRECATED], ~"S4", UI polish, ~"bug", devopsmanage, frontend, ~"group::access"
- #28808 (closed) Important parts of the top nav truncated on mobile Safari ~"Category:Authentication and Authorization", Manage [DEPRECATED], UX, ~"bug", devopsmanage, frontend, ~"group::access"
- #26855 (closed) Impersonation dropdown style is broken ~"Category:Authentication and Authorization", Manage [DEPRECATED], ~"P4", ~"S4", UX, admin dashboard, ~"bug", devopsmanage, frontend, global nav, ~"group::access", workflowverification
Unscheduled ~bug with customer
- #197659 OpenSSL Cipher Recaptcha error on login page ~"Category:Authentication and Authorization", ~"S3", ~"bug", customer, devopsmanage, ~"group::access"
- #195963 (closed) Guest user cannot see code in 'internal' project ~"Category:Authentication and Authorization", ~"bug", customer, devopsmanage, ~"group::access"
- #195161 LDAP subgroup sync fails when user-to-be-synced has requested (but not received) higher permissions in parent group ~"S3", ~"bug", customer, devopsmanage, ~"group::access", ldap
- #39520 (closed) Group Search doesn't work as described in the https://docs.gitlab.com/ee/user/search/#groups ~"Category:Authentication and Authorization", ~"Category:Search", ~"bug", customer, devopsmanage, ~"group::access"
- #36671 (confidential) ~"(confidential)"
- #35792 (closed) SAML - bypass 2 factor authentication function does not work with ADFS ~"Category:Authentication and Authorization", ~"S4", ~"bug", customer, devopsmanage, ~"group::access"
- #34159 (closed) Enabling "Require 2FA" forces smart card users to register an OTP / U2F 2FA, ~"bug", customer, devopsmanage, ~"group::access"
- #33046 (closed) "Namespace is not valid" error when trying to create a project through the admin area ~"Category:Authentication and Authorization", ~"S4", ~"bug", customer, devopsmanage, ~"group::access"
- #32346 Group still visible even with IP restriction ~"Category:Authentication and Authorization", ~"P2", ~"S1", ~"bug", customer, devopsmanage, ~"group::access", ~"missed-SLO"
- #14731 (closed) Auditor users cannot access public and internal projects when files access is limited to project members ~"Category:Authentication and Authorization", ~"bug", customer, devopsmanage, ~"group::access", permissions
- #30369 (closed) 500 Internal Server Error: GET https://gitlab.com/api/v4/groups/group_id ~"Category:Authentication and Authorization", Manage [DEPRECATED], api, ~"bug", customer, devopsmanage, ~"group::access"
- #30278 (closed) Unblocked users cannot see group projects added while they are blocked ~"Category:Authentication and Authorization", ~"S4", ~"bug", customer, devopsmanage, ~"group::access"
- #12856 Membership requests are taken into account for access level validation Enterprise Edition, Manage [DEPRECATED], ~"S3", ~"bug", customer, devopsmanage, ~"group::access", ldap
- #12178 (closed) Omniauth 500 when blocking new users Enterprise Edition, Manage [DEPRECATED], authentication, ~"bug", customer, devopsmanage, ~"group::access", oauth, saml
- #29447 (closed) ActiveRecord::StatementInvalid: PG::QueryCanceled: ERROR: canceling statement due to statement timeout ~"Category:Authentication and Authorization", Manage [DEPRECATED], ~"bug", customer, devopsmanage, ~"group::access", reproduced on GitLab.com
Unscheduled ~bug (non-customer)
- #198480 (closed) "Group access is not included in the list" - Unable to share group with group with max access level Owner ~"bug", devopsmanage, ~"group::access"
- #197895 (closed) NoMethodError: undefined method `namespace' for nil:NilClass ~"Category:Authentication and Authorization", ~"P1", ~"S1", ~"bug", devopsmanage, ~"group::access"
- #197463 (closed) Only one CA certificate is loaded for smart card authentication ~"Category:Authentication and Authorization", ~"bug", devopsmanage, ~"group::access", workflowscheduling
- #197401 (closed) [OpenLDAP] set_locale issue ~"S3", ~"bug", devopsmanage, ~"group::access", ldap
- #197313 Group path validation does not handle subgroup paths properly ~"Category:Authentication and Authorization", ~"S3", ~"bug", devopsmanage, ~"group::access"
- #196721 (closed) gitlab omniauth + oauth2 report "You need to sign in or sign up before continuing." authentication, backend, ~"bug", devopsmanage, ~"group::access", oauth
- #196150 (closed) Previous Group Path Exposed via Transferred Group/Sub-Group/Project Audit Events ~"Category:Authentication and Authorization", HackerOne, ~"P4", ~"S4", ~"bug", devopsmanage, ~"group::access"
- #196131 (closed) SAML - bypass 2 factor authentication - don't require GitLab 2FA to exist ~"P4", ~"S4", ~"bug", devopsmanage, ~"group::access", saml
- #196028 (closed) Impersonating an admin who impersonates yourself leads to a non-audited authenticated session ~"Category:Authentication and Authorization", ~"P4", ~"S4", ~"bug", devopsmanage, ~"group::access"
- #195666 (closed) GPG key upload has no effect but also shows no errors ~"Category:Authentication and Authorization", ~"S2", ~"bug", devopsmanage, gpg, ~"group::access"
- #194189 (closed) Endless automatic omniauth redirect loop if user doesn't exist ~"S2", ~"bug", devopsmanage, ~"group::access", saml
- #121569 (closed) I keep getting logged out every day! ~"Category:Authentication and Authorization", ~"S4", ~"bug", devopsmanage, ~"group::access"
- #119497 (closed) Gitlab redirects me to serviceworker.js ~"S3", authentication, ~"bug", devopsmanage, ~"group::access", needs investigation
- #119291 (closed) Setting a complex password for a newly bootstrapping instances fails ~"Category:Authentication and Authorization", ~"bug", devopsmanage, ~"group::access"
- #118433 (closed) GitLab CE "500 Error" when i go to group_members page ~"Category:Authentication and Authorization", ~"S3", ~"bug", devopsmanage, ~"group::access"
Heatmap for ~missed-SLO bugs
| | ~S1 | ~S2 | ~S3 | ~S4 |
|---|---|---|---|---|
| ~P1 | 0 | 0 | 0 | 0 |
| ~P2 | 1 | 4 | 0 | 0 |
| ~P3 | 0 | 0 | 0 | 0 |
| ~P4 | 1 | 0 | 0 | 0 |
This is a group level triage package that aims to collate the latest bug reports (for frontend and otherwise) and feature proposals. For more information please refer to the handbook:
If assignees or people mentioned in this individual triage package need to be amended, please edit team-triage-package.yml.