Restricted repository access: Allow for selective view of files/directory in a repository

Proposal

Allow for selective viewing/editing of files/directory in a repository. This is an attempt to solve for the case of giving access to certain areas of a repository but not the entire repository.

• Use a permission system to specify which files/directory a user can view/edit
  • This might depend on custom roles
• When users can only see selected files, then they can only view and code via the Web IDE and compile the code in a workspace
  • In past some ideas have come in the form of preventing the download of code #17032 (comment 1120229142). The main drawback of this solution is that if you limit download you would still be able to see the code via cloning. If we allowed for partial download locally then that developer would not be able to compile their code to verify any changes before commmitting.
  • Using a remote workspace could allow for the restricted code to be pulled in and used for compilation but not viewing. A tradeoff here would be limited intellisense, perhaps method signatures from definitions would be sufficient.
  • GitLab could implement a way to hide/restrict viewing of those files/directory in the Web IDE
  • Would prevent download and cloning to local machines for these users with restricted repository access.

This scenario comes up:

• When a contractor is invited to a team to work on a specific area of the code but you don't want to give access to the entire repository
  • Front end contractor to work on CSS styling for a rebrand
  • Database consultant hired for database tuning
• When a team member from another department would like access to the code but should not see the entire codebase due to compliance reasons
  • In banking when there is a separation between investment banking and other areas.

Concept mockup

In the Web IDE, you would see the structure of the repository but you may not have access to all of it.

1. User does not have access to "secret_sauce"
2. User has access to "views"

This allows the user to modify the code in "views" but restricts them from viewing what's in "secret_sauce".

When it is time to compile the code, the compiling happens on the remote workspace therefore it would be harder for the user to get at the source code of "secret_sauce". If a user was intent on viewing the source code of the restricted area, they could find ways to modify the build scripts to output code etc as a build step, so the build script might be a good example of having the viewing enabled but restricting the editing capabilities for those users.

changed milestone to %Awaiting further demand

added documentation featureaddition groupsource code typefeature labels

added Category:Source Code Management devopscreate sectiondev labels

changed the description

marked this issue as related to #17032 (closed)

marked this issue as related to #378385