Skip to content

GitLab Next

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
GitLab
GitLab
  • Project overview
    • Project overview
    • Details
    • Activity
    • Releases
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
    • Locked Files
  • Issues 36,964
    • Issues 36,964
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
    • Iterations
  • Merge requests 1,461
    • Merge requests 1,461
  • Requirements
    • Requirements
    • List
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
    • Test Cases
  • Operations
    • Operations
    • Metrics
    • Incidents
    • Environments
  • Packages & Registries
    • Packages & Registries
    • Container Registry
  • Analytics
    • Analytics
    • CI/CD
    • Code Review
    • Insights
    • Issue
    • Repository
    • Value Stream
  • Snippets
    • Snippets
  • Members
    • Members
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • GitLab.org
  • GitLabGitLab
  • Issues
  • #33143

Closed
Open
Created Oct 01, 2019 by Wills Bithrey@wills12 of 2 tasks completed2/2 tasks

Group members domain whitelist should allow multiple domains

Problem to solve

The domains whitelisting feature was implemented after one of our employees requested it - however we've been unable to enable / use this feature as we often need to bring users who do not have a corporate e-mail account at our company's domain (e.g. clients) into our GitLab projects, and so with the current behaviour it's not possible to enable the domain whitelist because we are unable to add more than a single domain to the whitelist.

Intended users

Initially GitLab admins will use this feature, to allow them to specify a list of domains from which users can be added from - the users actual vertical (e.g. Product Manager, Developer) isn't clear to me at this point.

Further details

This minor change makes the domain whitelisting feature more flexible and therefore hopefully more useful to users who work collaboratively with external stakeholders. It also promotes improved security/privacy in that it could help more users lock down their GitLab organisations and prevent them from accidentally granting access to people who should not be given access.

Proposal

It was proposed in #7297 (comment 174792745) that the values in the input could simply be separated by a delimiter (e.g. ; or ,). I'm not sure if you already have a UI pattern for this sort of multi-input so if that's inline with the existing pattern if one exists then fine.

First iteration

A comma separated list of email domains

Screenshot_2019-10-01_at_14.40.52

Second iteration

Implement the GitLab UI "Token Selector" component: #220567 (closed)

Permissions and Security

The permissions required to edit the domain whitelist field should not be changed as part of this proposal.

Documentation

I couldn't find any docs for the existing domain whitelist configuration (but I'm not sure if I was looking in the right place), so that should probably be added and expanded upon for this change.

Testing

TBD

What does success look like, and how can we measure that?

What is the type of buyer?

This is an additional security feature, so should probably belong to Gold/Ultimate.

User reports/requests

  1. https://gitlab.zendesk.com/agent/tickets/133973
  2. https://gitlab.zendesk.com/agent/tickets/134012
  3. https://gitlab.my.salesforce.com/00161000004xUpi

Issue readiness

  • Product: issue description is accurate with an acceptable proposal for an MVC
  • Engineering: issue is implementable with few remaining questions, is sufficiently broken down, and is able to be estimated
Edited Jun 05, 2020 by Peter Hegman
Assignee
Assign to
13.1
Milestone
13.1 (Past due)
Assign milestone
Time tracking