Skip to content

Prevent accidental deletions via soft delete for groups

Overview

We should follow up on #32935 (closed) by expanding soft delete to include groups.

Proposal

Require a soft deletion period for group removal.

  • Attempting to remove a group marks it for deletion. It should no longer immediately remove the group.
  • After X days have elapsed, the project or group is deleted.
    • We should use the same soft delete configuration introduced in #32935 (closed).
  • Attempting to delete something:
    • The "remove group" container for group should reflect the soft deletion period.
    • A project pending deletion should be marked for deletion on the group overview page (banner, similar to the archived project notice) and group list (with a pending delete badge).
    • Attempting to delete a group with the API should also result in the soft deletion period as described above.
  • Recovering a group pending deletion:
    • Include a "restore" button in group settings that unarchives the project and removes the soft deletion state.
    • Should be able to restore/remove the soft deletion state via API.
  • Soft deletion and restore should trigger an audit event.
Edited by Jeremy Watson (ex-GitLab)