Improve flexibility of inherited permissions in groups

Everyone can contribute. Help move this issue forward while earning points, leveling up and collecting rewards.

• Close this issue

Proposal

In usual case, gitlab allows sub-groups and project inside to inherit the permissions and members from parent groups

An active customer of gitlab would like to request if they can make exceptions to this.

The request came from our customers where they want to have some repository/projects where all the members and permissions are not inherited but rather few member can just access the repo.

Below is the example for use cases:

• we have the structure
• parentGroup/Subgroup1/subgroup2/repository1

GRP/GRP2/APP/repository1
GRP/GRP2/APP1/repository2

• Members' permissions are synced using LDAP user at subgroup2 (in example: APP1)
• By default repository1 and repository2 have same permission and APP1 perrmission is inherited by them.
• We would like to have exception that repository1 don't have same permission like repository2.
• We want to have only special user access to repository1 with fixed user or group(LDAP).

The goal is to have flexibility for users to inherit or not to inherit the permission for the repository.