Hi All
We have a very simplified permission managment where a developer should be able to access any created project.
The best would be to have a configuration that if a user is added somewhere in GitLab as a developer he/she would be considered enabled on any git project with the same role.
The second best would be to be able to add a user to all existing projects as developer form a single point or command. This would create anyway some trouble when a new project is created because than how would it be possible to have all the already present users to be added to this new project automatically or very quickly?
I guess what would really address this request is to be able to create a group of users and than add that group to any existing project.
Does anyone know how that could be done?
I think that depends strongly on how you organize your GitLab instance. We just added our top-level departments as user-groups, where every related project for each department is just added below the top-level user-group in sub-groups. If a user is a member of the highest user-group (i.e. IT) it will automatically retrieve the highest level of access for every project below that user-group given for that user-group.
i.e.
Let’s say you start with three groups. IT, Data management, R&D. You add a user to IT with the developer rights, he/she will be able to access every project in every group below IT with access rights for the ‘developer’ role. You can specifically increase the access rights per sub-group/project below IT, but the bare minimum is ‘developer’ in this case. When you create new projects, regardless of the sub-group within IT, every user within should be able to access that project.
So you don’t add users to a group and then that group to a project, you create groups and create projects within these groups and sub-groups to easily grant/retract access rights.
I also think there is a settings/set-up where you auto-assign new users to a specific group when they create an account on your instance. However, I cannot remember exactly where I read this so you might want to give good ol’ google a spin.
Does this help?