Add "Merge Request Settings" as a customizable permission
Release notes
Group owners and project maintainers have the ability to manage merge request settings. This often leads to a user becoming overprivileged where they may not need other group or project destructive permissions. With the release of this permission, you can create a custom role to allow a Developer (or any base role) plus this permission to manage merge request settings.
Background
Group owners and project maintainers have the ability to MR settings. This leads organizations elevating a subset of users who need to manage these settings with a consequence of editing other Group/Project settings. This permission will allow a custom role such as Developer + this permission offering organizations to reduce Owners and Maintainers in their environment
Proposal and User Experience
- When creating a role, any base can be selected. A new permission is available and labeled "Manage Merge Request Settings" that can be selected.
- The permission actions for
admin_merge_request_settingsincludes:
| Group Actions | Project Actions |
|---|---|
|
Merge request settings:
|
Merge request settings:
Exclude
|
- API for reference
Views+Workflows include:
-
Base + permission: Can see Group-> General -> Merge requests -
Base + permission: Can see Group-> General -> Merge request approvals -
Base + permission: Can see Project-> Settings -> Merge request settings
Documentation
-
Permission Title: Manage Merge Request Settings -
Permission Description: Configure merge request settings at the group or project level. Group actions include managing merge checks and approval settings. Project actions include managing MR configurations, approval rules and settings, and branch targets. In order to enable Suggested reviewers, the "Manage project access tokens" custom permission needs to be enabled. -
Update prerequisites for...