Skip to content

Enforce public profiles when private profiles are disabled

Shane Maglangit requested to merge 461701-make-private-profiles-public-with-instance-setting into master

What does this MR do and why?

Enforce all user profiles to be public when the Allow users to make their profiles private instance setting is disabled.

This give admins full control over the visibility of user profiles.

References

Please include cross links to any resources that are relevant to this MR. This will give reviewers and future readers helpful context to give an efficient review of the changes introduced.

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

Screen_Recording_2025-01-07_at_3.27.39_PM

How to set up and validate locally

  1. Enable the disallow_private_profiles feature flag and add an EE license.
  2. Configure a user's profile as private:
    • Log in as a regular user
    • Navigate to http://localhost:3000/-/user_settings/profile
    • Scroll to the "Private profile" section
    • Check the box labeled "Don't display activity-related personal information on your profile"
    • Save changes
  3. Enable private profiles globally:
  4. Verify private profile visibility:
  5. Disable private profiles globally:
  6. Verify enforced public profile:
    • Log out or open an incognito window
    • Navigate to http://localhost:3000/[username] again
    • Confirm that the profile now appears public (user details should be visible) /assign me
Edited by Shane Maglangit

Merge request reports