User admin approval - Default for new instances
The default setting for newly created settings is to allow user registration. In order to increase security, we should make the admin approval workflow the default for any newly created instances. Settings for existing instances should not be changed.
Designs
- Show closed items
Is blocked by
Activity
-
Newest first Oldest first
-
Show all activity Show comments only Show history only
- Melissa Ushakov added to epic &4491
added to epic &4491
- Melissa Ushakov marked #267567 (closed) as a duplicate of this issue
marked #267567 (closed) as a duplicate of this issue
- Melissa Ushakov marked this issue as related to #267567 (closed)
marked this issue as related to #267567 (closed)
- Melissa Ushakov changed the description
Compare with previous version changed the description
- Melissa Ushakov changed milestone to %13.6
changed milestone to %13.6
- Melissa Ushakov added groupauthentication and authorization [DEPRECATED] + 1 deleted label
added groupauthentication and authorization [DEPRECATED] + 1 deleted label
- Melissa Ushakov removed 1 deleted label
removed 1 deleted label
- Melissa Ushakov added workflowplanning breakdown label
added workflowplanning breakdown label
- Author Contributor
@manojmj Can you take a look at this issue for refinement? I think it should be pretty small
.cc: @lmcandrew
Collapse replies Estimated weight of
2
since this will only involve a simple migration to change the default value of the columnrequire_admin_approval_after_user_signup
fromfalse
totrue
.@mushakov I feel we should complete the email notifications part (#257879 (closed) & #257880 (closed)) before making this the default though. A new GitLab instance means that most of that company would be new to GitLab itself, and without proper email notifications it would be hard to figure out what is happening for folks new to the system. WDYT?
@serenafang could you please evaluate my estimation?
- Author Contributor
@manojmj Yes I agree on the email notification part! I will set them as blocking issues for this
- Developer
@manojmj Your estimation looks accurate to me
Thanks for having me take a look!! - Author Contributor
@manojmj @serenafang Thanks for taking a look. Moving this to workflowready for development based on your feedback!
1
- Melissa Ushakov mentioned in issue gitlab-org/manage/general-discussion#17286
mentioned in issue gitlab-org/manage/general-discussion#17286
- Maintainer
Setting label(s) devopsmanage sectiondev based on ~"group::access".
- 🤖 GitLab Bot 🤖 added devopsmanage sectiondev labels
added devopsmanage sectiondev labels
- Manoj M J set weight to 2
set weight to 2
- Melissa Ushakov marked this issue as related to #257880 (closed)
marked this issue as related to #257880 (closed)
- Melissa Ushakov marked this issue as related to #257879 (closed)
marked this issue as related to #257879 (closed)
- Melissa Ushakov removed the relation with #267567 (closed)
removed the relation with #267567 (closed)
- Melissa Ushakov added direction label
added direction label
- Melissa Ushakov added workflowready for development label and removed workflowplanning breakdown label
added workflowready for development label and removed workflowplanning breakdown label
- Melissa Ushakov added workflowblocked label and removed workflowready for development label
added workflowblocked label and removed workflowready for development label
- Melissa Ushakov added workflowready for development label and removed workflowblocked label
added workflowready for development label and removed workflowblocked label
- Serena Fang assigned to @serenafang
assigned to @serenafang
- Maintainer
This would require some changes to end-to-end tests that currently assume the user is able to register without needing an approval.
Also, it would add to the end-to-end tests runtime if the test would need to navigate via the UI to the admin settings to allow new user registration without approval. Can we also add an attribute to the
/api/v4/application/settings
endpoint to allow toggling this via the API?/cc @serenafang
Edited by Sanad Liaquat 1 Collapse replies - Maintainer
We already have an issue for that: #263106 (closed)
- Maintainer
@mushakov I've left a comment to make a case for implementing "User admin approval - Enable/disable toggle
require_admin_approval_after_user_signup
via API" before this one. 1
- Sanad Liaquat added quad-planningcomplete-action label
added quad-planningcomplete-action label
- Melissa Ushakov mentioned in epic &4214
mentioned in epic &4214
- Melissa Ushakov mentioned in epic &4491
mentioned in epic &4491
- Sanad Liaquat mentioned in issue #263106 (closed)
mentioned in issue #263106 (closed)
- Serena Fang created merge request !46937 (merged) to address this issue
created merge request !46937 (merged) to address this issue
- Serena Fang mentioned in merge request !46937 (merged)
mentioned in merge request !46937 (merged)
- Serena Fang mentioned in merge request gitlab-com/www-gitlab-com!67568 (merged)
mentioned in merge request gitlab-com/www-gitlab-com!67568 (merged)
- Developer
Closing, as the MR to resolve this has been merged: !46937 (merged)
- Serena Fang closed
closed
- Amparo Luna mentioned in merge request !47993 (merged)
mentioned in merge request !47993 (merged)
- Johnathan Hunt mentioned in issue gitlab-com/www-gitlab-com#8453 (closed)
mentioned in issue gitlab-com/www-gitlab-com#8453 (closed)
- Donique Smit mentioned in merge request !53682 (merged)
mentioned in merge request !53682 (merged)
- Hannah Sutor mentioned in issue gitlab-com/Product#2971 (closed)
mentioned in issue gitlab-com/Product#2971 (closed)
- Justin Farris mentioned in issue gitlab-com/Product#3837 (moved)
mentioned in issue gitlab-com/Product#3837 (moved)
- Hannah Sutor mentioned in issue #33763 (closed)
mentioned in issue #33763 (closed)