Commit a2c59574 authored by Achilleas Pipinellis's avatar Achilleas Pipinellis

Merge branch 'docs/confidential-issues' into 'master'

Add docs for confidential issues

Closes #14397

See merge request !8741
parents 70a71704 1c8fa2ba
...@@ -19,10 +19,12 @@ The following table depicts the various user permission levels in a project. ...@@ -19,10 +19,12 @@ The following table depicts the various user permission levels in a project.
| Action | Guest | Reporter | Developer | Master | Owner | | Action | Guest | Reporter | Developer | Master | Owner |
|---------------------------------------|---------|------------|-------------|----------|--------| |---------------------------------------|---------|------------|-------------|----------|--------|
| Create new issue | ✓ | ✓ | ✓ | ✓ | ✓ | | Create new issue | ✓ | ✓ | ✓ | ✓ | ✓ |
| Create confidential issue | ✓ | ✓ | ✓ | ✓ | ✓ |
| View confidential issues | (✓) [^1] | ✓ | ✓ | ✓ | ✓ |
| Leave comments | ✓ | ✓ | ✓ | ✓ | ✓ | | Leave comments | ✓ | ✓ | ✓ | ✓ | ✓ |
| See a list of builds | ✓ [^1] | ✓ | ✓ | ✓ | ✓ | | See a list of builds | ✓ [^2] | ✓ | ✓ | ✓ | ✓ |
| See a build log | ✓ [^1] | ✓ | ✓ | ✓ | ✓ | | See a build log | ✓ [^2] | ✓ | ✓ | ✓ | ✓ |
| Download and browse build artifacts | ✓ [^1] | ✓ | ✓ | ✓ | ✓ | | Download and browse build artifacts | ✓ [^2] | ✓ | ✓ | ✓ | ✓ |
| View wiki pages | ✓ | ✓ | ✓ | ✓ | ✓ | | View wiki pages | ✓ | ✓ | ✓ | ✓ | ✓ |
| Pull project code | | ✓ | ✓ | ✓ | ✓ | | Pull project code | | ✓ | ✓ | ✓ | ✓ |
| Download project | | ✓ | ✓ | ✓ | ✓ | | Download project | | ✓ | ✓ | ✓ | ✓ |
...@@ -63,11 +65,8 @@ The following table depicts the various user permission levels in a project. ...@@ -63,11 +65,8 @@ The following table depicts the various user permission levels in a project.
| Switch visibility level | | | | | ✓ | | Switch visibility level | | | | | ✓ |
| Transfer project to another namespace | | | | | ✓ | | Transfer project to another namespace | | | | | ✓ |
| Remove project | | | | | ✓ | | Remove project | | | | | ✓ |
| Force push to protected branches [^2] | | | | | | | Force push to protected branches [^3] | | | | | |
| Remove protected branches [^2] | | | | | | | Remove protected branches [^3] | | | | | |
[^1]: If **Public pipelines** is enabled in **Project Settings > CI/CD Pipelines**
[^2]: Not allowed for Guest, Reporter, Developer, Master, or Owner
## Group ## Group
...@@ -156,17 +155,20 @@ users: ...@@ -156,17 +155,20 @@ users:
| Run CI build | | ✓ | ✓ | ✓ | | Run CI build | | ✓ | ✓ | ✓ |
| Clone source and LFS from current project | | ✓ | ✓ | ✓ | | Clone source and LFS from current project | | ✓ | ✓ | ✓ |
| Clone source and LFS from public projects | | ✓ | ✓ | ✓ | | Clone source and LFS from public projects | | ✓ | ✓ | ✓ |
| Clone source and LFS from internal projects | | ✓ [^3] | ✓ [^3] | ✓ | | Clone source and LFS from internal projects | | ✓ [^4] | ✓ [^4] | ✓ |
| Clone source and LFS from private projects | | ✓ [^4] | ✓ [^4] | ✓ [^4] | | Clone source and LFS from private projects | | ✓ [^5] | ✓ [^5] | ✓ [^5] |
| Push source and LFS | | | | | | Push source and LFS | | | | |
| Pull container images from current project | | ✓ | ✓ | ✓ | | Pull container images from current project | | ✓ | ✓ | ✓ |
| Pull container images from public projects | | ✓ | ✓ | ✓ | | Pull container images from public projects | | ✓ | ✓ | ✓ |
| Pull container images from internal projects| | ✓ [^3] | ✓ [^3] | ✓ | | Pull container images from internal projects| | ✓ [^4] | ✓ [^4] | ✓ |
| Pull container images from private projects | | ✓ [^4] | ✓ [^4] | ✓ [^4] | | Pull container images from private projects | | ✓ [^5] | ✓ [^5] | ✓ [^5] |
| Push container images to current project | | ✓ | ✓ | ✓ | | Push container images to current project | | ✓ | ✓ | ✓ |
| Push container images to other projects | | | | | | Push container images to other projects | | | | |
[^3]: Only if user is not external one. [^1]: Guest users can only view the confidential issues they created themselves
[^4]: Only if user is a member of the project. [^2]: If **Public pipelines** is enabled in **Project Settings > CI/CD Pipelines**
[^3]: Not allowed for Guest, Reporter, Developer, Master, or Owner
[^4]: Only if user is not external one.
[^5]: Only if user is a member of the project.
[ce-18994]: https://gitlab.com/gitlab-org/gitlab-ce/issues/18994 [ce-18994]: https://gitlab.com/gitlab-org/gitlab-ce/issues/18994
[new-mod]: project/new_ci_build_permissions_model.md [new-mod]: project/new_ci_build_permissions_model.md
# Confidential issues
> [Introduced][ce-3282] in GitLab 8.6.
Confidential issues are issues visible only to members of a project with
[sufficient permissions](#permissions-and-access-to-confidential-issues).
Confidential issues can be used by open source projects and companies alike to
keep security vulnerabilities private or prevent surprises from leaking out.
## Making an issue confidential
You can make an issue confidential either by creating a new issue or editing
an existing one.
When you create a new issue, a checkbox right below the text area is available
to mark the issue as confidential. Check that box and hit the **Submit issue**
button to create the issue. For existing issues, edit them, check the
confidential checkbox and hit **Save changes**.
![Creating a new confidential issue](img/confidential_issues_create.png)
## Making an issue non-confidential
To make an issue non-confidential, all you have to do is edit it and unmark
the confidential checkbox. Once you save the issue, it will gain the default
visibility level you have chosen for your project.
Every change from regular to confidential and vice versa, is indicated by a
system note in the issue's comments.
![Confidential issues system notes](img/confidential_issues_system_notes.png)
## Indications of a confidential issue
>**Note:** If you don't have [enough permissions](#permissions-and-access-to-confidential-issues),
you won't be able to see the confidential issues at all.
There are a few things that visually separate a confidential issue from a
regular one. In the issues index page view, you can see the eye-slash icon
next to the issues that are marked as confidential.
![Confidential issues index page](img/confidential_issues_index_page.png)
---
Likewise, while inside the issue, you can see the eye-slash icon right next to
the issue number, but there is also an indicator in the comment area that the
issue you are commenting on is confidential.
![Confidential issue page](img/confidential_issues_issue_page.png)
## Permissions and access to confidential issues
There are two kinds of level access for confidential issues. The general rule
is that confidential issues are visible only to members of a project with at
least [Reporter access][permissions]. However, a guest user can also create
confidential issues, but can only view the ones that they created themselves.
Confidential issues are also hidden in search results for unprivileged users.
For example, here's what a user with Master and Guest access sees in the
project's search results respectively.
| Master access | Guest access |
| :-----------: | :----------: |
| ![Confidential issues search master](img/confidential_issues_search_master.png) | ![Confidential issues search guest](img/confidential_issues_search_guest.png) |
[permissions]: ../../permissions.md#project
[ce-3282]: https://gitlab.com/gitlab-org/gitlab-ce/merge_requests/3282
...@@ -7,6 +7,9 @@ ...@@ -7,6 +7,9 @@
- [Feature branch workflow](workflow.md) - [Feature branch workflow](workflow.md)
- [GitLab Flow](gitlab_flow.md) - [GitLab Flow](gitlab_flow.md)
- [Groups](groups.md) - [Groups](groups.md)
- Issues - The GitLab Issue Tracker is an advanced and complete tool for
tracking the evolution of a new idea or the process of solving a problem.
- [Confidential issues](../user/project/issues/confidential_issues.md)
- [Issue Board](../user/project/issue_board.md) - [Issue Board](../user/project/issue_board.md)
- [Keyboard shortcuts](shortcuts.md) - [Keyboard shortcuts](shortcuts.md)
- [File finder](file_finder.md) - [File finder](file_finder.md)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment