Changed permissions to role

711b68a7 · Suzanne Selhorn · Kati Paizee · e70e3415 · 711b68a7 · 711b68a7
Commit 711b68a7 authored Jul 12, 2021 by Suzanne Selhorn Committed by Kati Paizee Jul 12, 2021
9 changed files
--- a/doc/administration/index.md
+++ b/doc/administration/index.md
@@ -146,7 +146,7 @@ Learn how to install, configure, update, and maintain your GitLab instance.
 - [Issue closing pattern](issue_closing_pattern.md): Customize how to close an issue from commit messages.
 - [Gitaly](gitaly/index.md): Configuring Gitaly, the Git repository storage service for GitLab.
 - [Default labels](../user/admin_area/labels.md): Create labels that are automatically added to every new project.
- [Restrict the use of public or internal projects](../public_access/public_access.md#restricting-the-use-of-public-or-internal-projects): Restrict the use of visibility levels for users when they create a project or a snippet.
+- [Restrict the use of public or internal projects](../public_access/public_access.md#restrict-use-of-public-or-internal-projects): Restrict the use of visibility levels for users when they create a project or a snippet.
 - [Custom project templates](../user/admin_area/custom_project_templates.md): Configure a set of projects to be used as custom templates when creating a new project.

 ## Package Registry administration

--- a/doc/public_access/public_access.md
+++ b/doc/public_access/public_access.md
@@ -5,32 +5,39 @@ info: To determine the technical writer assigned to the Stage/Group associated w
 type: reference
 ---

-# Public access
+# Project visibility

-GitLab allows [Owners](../user/permissions.md) to set a project's visibility as **public**, **internal**,
-or **private**. These visibility levels affect who can see the project in the
-public access directory (`/public` under your GitLab instance), like at <https://gitlab.com/public>
+GitLab allows [Owners](../user/permissions.md) to set a project's visibility as:

-## Visibility of projects
+- **Public**
+- **Internal**
+- **Private**

-### Public projects
+These visibility levels affect who can see the project in the public access directory (`/public`
+for your GitLab instance). For example, <https://gitlab.com/public>.
+
+## Public projects

 Public projects can be cloned **without any** authentication over HTTPS.

 They are listed in the public access directory (`/public`) for all users.

-**Any logged in user** has [Guest permissions](../user/permissions.md)
-on the repository.
+**Any signed-in user** has the [Guest role](../user/permissions.md) on the repository.
+
+NOTE:
+By default, `/public` is visible to unauthenticated users. However, if the
+[**Public** visibility level](../user/admin_area/settings/visibility_and_access_controls.md#restricted-visibility-levels)
+is restricted, `/public` is visible only to signed-in users.

-### Internal projects
+## Internal projects

-Internal projects can be cloned by any logged in user except [external users](../user/permissions.md#external-users).
+Internal projects can be cloned by any signed-in user except
+[external users](../user/permissions.md#external-users).

-They are also listed in the public access directory (`/public`), but only for logged
-in users.
+They are also listed in the public access directory (`/public`), but only for signed-in users.

-Any logged in users except [external users](../user/permissions.md#external-users) have [Guest permissions](../user/permissions.md)
-on the repository.
+Any signed-in users except [external users](../user/permissions.md#external-users) have the
+[Guest role](../user/permissions.md) on the repository.

 NOTE:
 From July 2019, the `Internal` visibility setting is disabled for new projects, groups,
@@ -38,57 +45,22 @@ and snippets on GitLab.com. Existing projects, groups, and snippets using the `I
 visibility setting keep this setting. You can read more about the change in the
 [relevant issue](https://gitlab.com/gitlab-org/gitlab/-/issues/12388).

-### Private projects
+## Private projects

 Private projects can only be cloned and viewed by project members (except for guests).

 They appear in the public access directory (`/public`) for project members only.

-### How to change project visibility
+## Change project visibility

 1. Go to your project's **Settings**.
 1. Change **Visibility Level** to either Public, Internal, or Private.

-## Visibility of groups
-
-NOTE:
-[Starting with](https://gitlab.com/gitlab-org/gitlab-foss/-/merge_requests/3323) GitLab 8.6,
-the group visibility has changed and can be configured the same way as projects.
-In previous versions, a group's page was always visible to all users.
-
-Like with projects, the visibility of a group can be set to dictate whether
-anonymous users, all signed in users, or only explicit group members can view
-it. The restriction for visibility levels on the application setting level also
-applies to groups, so if that's set to internal, the explore page is empty
-for anonymous users. The group page now has a visibility level icon.
-
-Admin users cannot create subgroups or projects with higher visibility level than that of the immediate parent group.
-
-## Visibility of users
-
-The public page of a user, located at `/username`, is always visible whether
-you are logged in or not.
-
-When visiting the public page of a user, you can only see the projects which
-you are privileged to.
-
-If the public level is restricted, user profiles are only visible to logged in users.
-
-## Visibility of pages
-
-By default, the following directories are visible to unauthenticated users:
-
- Public access (`/public`).
- Explore (`/explore`).
- Help (`/help`).
-
-However, if the access level of the `/public` directory is restricted, these directories are visible only to logged in users.
-
-## Restricting the use of public or internal projects
+## Restrict use of public or internal projects

-You can restrict the use of visibility levels for users when they create a project or a
-snippet. This is useful to prevent users from publicly exposing their repositories
-by accident. The restricted visibility settings do not apply to admin users.
+You can restrict the use of visibility levels for users when they create a project or a snippet.
+This is useful to prevent users from publicly exposing their repositories by accident. The
+restricted visibility settings do not apply to admin users.

 For details, see [Restricted visibility levels](../user/admin_area/settings/visibility_and_access_controls.md#restricted-visibility-levels).


--- a/doc/user/admin_area/settings/help_page.md
+++ b/doc/user/admin_area/settings/help_page.md
@@ -13,7 +13,7 @@ to go for help. You can customize and display this information on the GitLab ser

 ## Adding a help message to the help page

-You can add a help message, which is shown on the GitLab `/help` page (e.g.,
+You can add a help message, which is shown on the GitLab `/help` page (for example,
 <https://gitlab.com/help>) in a new section at the top of the `/help` page:

 1. On the top bar, select **Menu >** **{admin}** **Admin**.
@@ -21,6 +21,11 @@ You can add a help message, which is shown on the GitLab `/help` page (e.g.,
 1. Under **Help page text**, fill in the information you wish to display on `/help`.
 1. Save your changes. You can now see the message on `/help`.

+NOTE:
+By default, `/help` is visible to unauthenticated users. However, if the
+[**Public** visibility level](visibility_and_access_controls.md#restricted-visibility-levels)
+is restricted, `/help` is visible only to signed-in users.
+
 ## Adding a help message to the login page **(STARTER)**

 You can add a help message, which is shown on the GitLab login page in a new section

--- a/doc/user/admin_area/settings/visibility_and_access_controls.md
+++ b/doc/user/admin_area/settings/visibility_and_access_controls.md
@@ -97,7 +97,8 @@ To change this period:
 Alternatively, projects that are marked for removal can be deleted immediately. To do so:

 1. [Restore the project](../../project/settings/#restore-a-project).
-1. Delete the project as described in the [Administering Projects page](../../admin_area/#administering-projects).
+1. Delete the project as described in the
+   [Administering Projects page](../../admin_area/#administering-projects).

 ## Default project visibility

@@ -106,7 +107,8 @@ To set the default visibility levels for new projects:
 1. Select the desired default project visibility.
 1. Click **Save changes**.

-For more details on project visibility, see [Public access](../../../public_access/public_access.md).
+For more details on project visibility, see
+[Project visibility](../../../public_access/public_access.md).

 ## Default snippet visibility

@@ -115,7 +117,8 @@ To set the default visibility levels for new snippets:
 1. Select the desired default snippet visibility.
 1. Click **Save changes**.

-For more details on snippet visibility, see [Public access](../../../public_access/public_access.md).
+For more details on snippet visibility, see
+[Project visibility](../../../public_access/public_access.md).

 ## Default group visibility

@@ -124,7 +127,8 @@ To set the default visibility levels for new groups:
 1. Select the desired default group visibility.
 1. Click **Save changes**.

-For more details on group visibility, see [Public access](../../../public_access/public_access.md).
+For more details on group visibility, see
+[Group visibility](../../group/index.md#group-visibility).

 ## Restricted visibility levels

@@ -133,7 +137,8 @@ To set the restricted visibility levels for projects, snippets, and selected pag
 1. Select the desired visibility levels to restrict.
 1. Select **Save changes**.

-For more details on project visibility, see [Public access](../../../public_access/public_access.md).
+For more details on project visibility, see
+[Project visibility](../../../public_access/public_access.md).

 ## Import sources


--- a/doc/user/group/index.md
+++ b/doc/user/group/index.md
@@ -29,6 +29,21 @@ To view groups:

 You can also view groups by namespace.

+### Group visibility
+
+Like projects, a group can be configured to limit the visibility of it to:
+
+- Anonymous users.
+- All signed-in users.
+- Only explicit group members.
+
+The restriction for [visibility levels](../admin_area/settings/visibility_and_access_controls.md#restricted-visibility-levels)
+on the application setting level also applies to groups. If set to internal, the explore page is
+empty for anonymous users. The group page has a visibility level icon.
+
+Administrator users cannot create a subgroup or project with a higher visibility level than that of
+the immediate parent group.
+
 ### Namespaces

 In GitLab, a namespace is a unique name and URL for a user, a group, or subgroup.

--- a/doc/user/profile/index.md
+++ b/doc/user/profile/index.md
@@ -79,6 +79,16 @@ The following is hidden from your user profile page (`https://gitlab.example.com
 NOTE:
 Making your user profile page private does not hide your public resources from the REST or GraphQL APIs.

+### User visibility
+
+The public page of a user, located at `/username`, is always visible whether you are signed-in or
+not.
+
+When visiting the public page of a user, you can only see the projects which you have privileges to.
+
+If the [public level is restricted](../admin_area/settings/visibility_and_access_controls.md#restricted-visibility-levels),
+user profiles are only visible to signed-in users.
+
 ## Add external accounts to your user profile page

 You can add links to certain other external accounts you might have, like Skype and Twitter.

--- a/doc/user/project/import/github.md
+++ b/doc/user/project/import/github.md
@@ -28,7 +28,7 @@ The following aspects of a project are imported:

 References to pull requests and issues are preserved (GitLab.com & 8.7+), and
 each imported repository maintains visibility level unless that [visibility
-level is restricted](../../../public_access/public_access.md#restricting-the-use-of-public-or-internal-projects),
+level is restricted](../../../public_access/public_access.md#restrict-use-of-public-or-internal-projects),
 in which case it defaults to the default project visibility.

 The namespace is a user or group in GitLab, such as `gitlab.com/janedoe` or `gitlab.com/customer-success`. You can do some bulk actions to move projects to different namespaces in the rails console.

--- a/doc/user/project/settings/import_export.md
+++ b/doc/user/project/settings/import_export.md
@@ -183,7 +183,7 @@ To export a project and its data, follow these steps:

 NOTE:
 If use of the `Internal` visibility level
-[is restricted](../../../public_access/public_access.md#restricting-the-use-of-public-or-internal-projects),
+[is restricted](../../../public_access/public_access.md#restrict-use-of-public-or-internal-projects),
 all imported projects are given the visibility of `Private`.

 NOTE:

--- a/doc/user/project/working_with_projects.md
+++ b/doc/user/project/working_with_projects.md
@@ -14,12 +14,17 @@ code are saved in projects, and most features are in the scope of projects.
 You can explore other popular projects available on GitLab. To explore projects:

 1. On the top bar, select **Menu > Project**.
-1. Select **Explore Projects**.
+1. Select **Explore projects**.

 GitLab displays a list of projects, sorted by last updated date. To view
 projects with the most [stars](#star-a-project), click **Most stars**. To view
 projects with the largest number of comments in the past month, click **Trending**.

+NOTE:
+By default, `/explore` is visible to unauthenticated users. However, if the
+[**Public** visibility level](../admin_area/settings/visibility_and_access_controls.md#restricted-visibility-levels)
+is restricted, `/explore` is visible only to signed-in users.
+
 ## Create a project

 To create a project in GitLab:
@@ -148,7 +153,7 @@ and then [cloning the repository](../../gitlab-basics/start-using-git.md#clone-a
 locally, you can directly push it to GitLab to create the new project, all without leaving
 your terminal. If you have access rights to the associated namespace, GitLab
 automatically creates a new project under that GitLab namespace with its visibility
-set to Private by default (you can later change it in the [project's settings](../../public_access/public_access.md#how-to-change-project-visibility)).
+set to Private by default (you can later change it in the [project's settings](../../public_access/public_access.md#change-project-visibility)).

 This can be done by using either SSH or HTTPS: