summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAchilleas Pipinellis <axilleas@axilleas.me>2017-01-24 12:40:05 +0100
committerAchilleas Pipinellis <axilleas@axilleas.me>2017-01-24 12:40:05 +0100
commitb4dd549cdf0c96c5bc8b888a2d9c2709a8d54d07 (patch)
tree8daa23067847e09ac374b0fc9a58b8151c47b7c6
parentb60de9c0fd90c310d2a4146f75b67f9f360cbd6c (diff)
downloadgitlab-ce-b4dd549cdf0c96c5bc8b888a2d9c2709a8d54d07.tar.gz
Add docs for confidential issues
[ci skip]
-rw-r--r--doc/user/permissions.md30
-rw-r--r--doc/user/project/issues/confidential_issues.md67
-rw-r--r--doc/user/project/issues/img/confidential_issues_create.pngbin0 -> 9663 bytes
-rw-r--r--doc/user/project/issues/img/confidential_issues_index_page.pngbin0 -> 9949 bytes
-rw-r--r--doc/user/project/issues/img/confidential_issues_issue_page.pngbin0 -> 16089 bytes
-rw-r--r--doc/user/project/issues/img/confidential_issues_search_guest.pngbin0 -> 10152 bytes
-rw-r--r--doc/user/project/issues/img/confidential_issues_search_master.pngbin0 -> 15617 bytes
-rw-r--r--doc/user/project/issues/img/confidential_issues_system_notes.pngbin0 -> 3025 bytes
-rw-r--r--doc/workflow/README.md3
9 files changed, 86 insertions, 14 deletions
diff --git a/doc/user/permissions.md b/doc/user/permissions.md
index 5ada8748d85..678fc3ffd1f 100644
--- a/doc/user/permissions.md
+++ b/doc/user/permissions.md
@@ -19,10 +19,12 @@ The following table depicts the various user permission levels in a project.
| Action | Guest | Reporter | Developer | Master | Owner |
|---------------------------------------|---------|------------|-------------|----------|--------|
| Create new issue | ✓ | ✓ | ✓ | ✓ | ✓ |
+| Create confidential issue | ✓ | ✓ | ✓ | ✓ | ✓ |
+| View confidential issues | (✓) [^1] | ✓ | ✓ | ✓ | ✓ |
| Leave comments | ✓ | ✓ | ✓ | ✓ | ✓ |
-| See a list of builds | ✓ [^1] | ✓ | ✓ | ✓ | ✓ |
-| See a build log | ✓ [^1] | ✓ | ✓ | ✓ | ✓ |
-| Download and browse build artifacts | ✓ [^1] | ✓ | ✓ | ✓ | ✓ |
+| See a list of builds | ✓ [^2] | ✓ | ✓ | ✓ | ✓ |
+| See a build log | ✓ [^2] | ✓ | ✓ | ✓ | ✓ |
+| Download and browse build artifacts | ✓ [^2] | ✓ | ✓ | ✓ | ✓ |
| View wiki pages | ✓ | ✓ | ✓ | ✓ | ✓ |
| Pull project code | | ✓ | ✓ | ✓ | ✓ |
| Download project | | ✓ | ✓ | ✓ | ✓ |
@@ -63,11 +65,8 @@ The following table depicts the various user permission levels in a project.
| Switch visibility level | | | | | ✓ |
| Transfer project to another namespace | | | | | ✓ |
| Remove project | | | | | ✓ |
-| Force push to protected branches [^2] | | | | | |
-| Remove protected branches [^2] | | | | | |
-
-[^1]: If **Public pipelines** is enabled in **Project Settings > CI/CD Pipelines**
-[^2]: Not allowed for Guest, Reporter, Developer, Master, or Owner
+| Force push to protected branches [^3] | | | | | |
+| Remove protected branches [^3] | | | | | |
## Group
@@ -156,17 +155,20 @@ users:
| Run CI build | | ✓ | ✓ | ✓ |
| Clone source and LFS from current project | | ✓ | ✓ | ✓ |
| Clone source and LFS from public projects | | ✓ | ✓ | ✓ |
-| Clone source and LFS from internal projects | | ✓ [^3] | ✓ [^3] | ✓ |
-| Clone source and LFS from private projects | | ✓ [^4] | ✓ [^4] | ✓ [^4] |
+| Clone source and LFS from internal projects | | ✓ [^4] | ✓ [^4] | ✓ |
+| Clone source and LFS from private projects | | ✓ [^5] | ✓ [^5] | ✓ [^5] |
| Push source and LFS | | | | |
| Pull container images from current project | | ✓ | ✓ | ✓ |
| Pull container images from public projects | | ✓ | ✓ | ✓ |
-| Pull container images from internal projects| | ✓ [^3] | ✓ [^3] | ✓ |
-| Pull container images from private projects | | ✓ [^4] | ✓ [^4] | ✓ [^4] |
+| Pull container images from internal projects| | ✓ [^4] | ✓ [^4] | ✓ |
+| Pull container images from private projects | | ✓ [^5] | ✓ [^5] | ✓ [^5] |
| Push container images to current project | | ✓ | ✓ | ✓ |
| Push container images to other projects | | | | |
-[^3]: Only if user is not external one.
-[^4]: Only if user is a member of the project.
+[^1]: Guest users can only view the confidential issues they created themselves
+[^2]: If **Public pipelines** is enabled in **Project Settings > CI/CD Pipelines**
+[^3]: Not allowed for Guest, Reporter, Developer, Master, or Owner
+[^4]: Only if user is not external one.
+[^5]: Only if user is a member of the project.
[ce-18994]: https://gitlab.com/gitlab-org/gitlab-ce/issues/18994
[new-mod]: project/new_ci_build_permissions_model.md
diff --git a/doc/user/project/issues/confidential_issues.md b/doc/user/project/issues/confidential_issues.md
new file mode 100644
index 00000000000..a1563a3e076
--- /dev/null
+++ b/doc/user/project/issues/confidential_issues.md
@@ -0,0 +1,67 @@
+# Confidential issues
+
+> Introduced in GitLab 8.6.
+
+Confidential issues are issues visible only to members of a project with
+[sufficient permissions](#permissions-and-access-to-confidential-issues).
+Confidential issues can be used by open source projects and companies alike to
+keep security vulnerabilities private or prevent surprises from leaking out.
+
+## Making an issue confidential
+
+You can make an issue confidential either by creating a new issue or editing
+an existing one.
+
+When you create a new issue, a checkbox right below the text area is available
+to mark the issue as confidential. Check that box and hit the **Submit issue**
+button to create the issue. For existing issues, edit them, check the
+confidential checkbox and hit **Save changes**.
+
+![Creating a new confidential issue](img/confidential_issues_create.png)
+
+## Making an issue non-confidential
+
+To make an issue non-confidential, all you have to do is edit it and unmark
+the confidential checkbox. Once you save the issue, it will gain the default
+visibility level you have chosen for your project.
+
+Every change from regular to confidential and vice versa, is indicated by a
+system note in the issue's comments.
+
+![Confidential issues system notes](img/confidential_issues_system_notes.png)
+
+## Indications of a confidential issue
+
+>**Note:** If you don't have [enough permissions](#permissions-and-access-to-confidential-issues),
+you won't be able to see the confidential issues at all.
+
+There are a few things that visually separate a confidential issue from a
+regular one. In the issues index page view, you can see the eye-slash icon
+next to the issues that are marked as confidential.
+
+![Confidential issues index page](img/confidential_issues_index_page.png)
+
+---
+
+Likewise, while inside the issue, you can see the eye-slash icon right next to
+the issue number, but there is also an indicator in the comment area that the
+issue you are commenting on is confidential.
+
+![Confidential issue page](img/confidential_issues_issue_page.png)
+
+## Permissions and access to confidential issues
+
+There are two kinds of level access for confidential issues. The general rule
+is that confidential issues are visible only to members of a project with at
+least [Reporter access][permissions]. However, a guest user can also create
+confidential issues, but can only view the ones that they created themselves.
+
+Confidential issues are also hidden in search results for unprivileged users.
+For example, here's what a user with Master and Guest access sees in the
+project's search results respectively.
+
+| Master access | Guest access |
+| :-----------: | :----------: |
+| ![Confidential issues search master](img/confidential_issues_search_master.png) | ![Confidential issues search guest](img/confidential_issues_search_guest.png) |
+
+[permissions]: ../../permissions.md#project
diff --git a/doc/user/project/issues/img/confidential_issues_create.png b/doc/user/project/issues/img/confidential_issues_create.png
new file mode 100644
index 00000000000..4e6be3cc431
--- /dev/null
+++ b/doc/user/project/issues/img/confidential_issues_create.png
Binary files differ
diff --git a/doc/user/project/issues/img/confidential_issues_index_page.png b/doc/user/project/issues/img/confidential_issues_index_page.png
new file mode 100644
index 00000000000..042461e2451
--- /dev/null
+++ b/doc/user/project/issues/img/confidential_issues_index_page.png
Binary files differ
diff --git a/doc/user/project/issues/img/confidential_issues_issue_page.png b/doc/user/project/issues/img/confidential_issues_issue_page.png
new file mode 100644
index 00000000000..b3568e9303a
--- /dev/null
+++ b/doc/user/project/issues/img/confidential_issues_issue_page.png
Binary files differ
diff --git a/doc/user/project/issues/img/confidential_issues_search_guest.png b/doc/user/project/issues/img/confidential_issues_search_guest.png
new file mode 100644
index 00000000000..1af3d04d507
--- /dev/null
+++ b/doc/user/project/issues/img/confidential_issues_search_guest.png
Binary files differ
diff --git a/doc/user/project/issues/img/confidential_issues_search_master.png b/doc/user/project/issues/img/confidential_issues_search_master.png
new file mode 100644
index 00000000000..b2edeb6094a
--- /dev/null
+++ b/doc/user/project/issues/img/confidential_issues_search_master.png
Binary files differ
diff --git a/doc/user/project/issues/img/confidential_issues_system_notes.png b/doc/user/project/issues/img/confidential_issues_system_notes.png
new file mode 100644
index 00000000000..4005f9350f7
--- /dev/null
+++ b/doc/user/project/issues/img/confidential_issues_system_notes.png
Binary files differ
diff --git a/doc/workflow/README.md b/doc/workflow/README.md
index b317bd79ded..a56ae75fe69 100644
--- a/doc/workflow/README.md
+++ b/doc/workflow/README.md
@@ -7,6 +7,9 @@
- [Feature branch workflow](workflow.md)
- [GitLab Flow](gitlab_flow.md)
- [Groups](groups.md)
+- Issues - The GitLab Issue Tracker is an advanced and complete tool for
+ tracking the evolution of a new idea or the process of solving a problem.
+ - [Confidential issues](../user/project/issues/confidential_issues.md)
- [Issue Board](../user/project/issue_board.md)
- [Keyboard shortcuts](shortcuts.md)
- [File finder](file_finder.md)