I’m managing to get a proper private organization on public gitlab CE.
I’ve created a private group, with some public project (example Guidelines, setup etc…)
I’ve created a private sub-group, named web, but I want to restrict access to this group.
At the moment, with group inheritance, all users have access to web.
Is it possible to remove people from this specific subgroup, without removing them from the parent group?
One of the solution I’ve founded is to add people to subgroup directly, but they don’t have access to public resources (such as guidelines etc etc…)
I can override permissions, but that means the best we can do is assign someone Guest access since it’s the lowest privilege.
EVEN THEN, if that person chooses ‘leaves the group’, they are defaulted to their default privileges. I think this might be a not-so-good situation.
Let me give an example:
John and Adam are Owners of Parent group
John creates a project called Project1 and overrides Adam’s inherited ‘Owner’ privilege, granting him ‘Guest’ level access
Adam “has ‘Guest’ privileges”
Either this ‘Guest’ privilege is never actually effective, or when Adam Leaves the Project by clicking on the ‘Leave’ button, he is given back his default inherited privilege of ‘Owner’. What is actually the case?