Is it possible to not have Maintainers access to change the projects settings?
https://docs.gitlab.com/ee/user/project/settings/
Only project maintainers and administrators have the permissions to access a project settings .
We want to distinguish between Developers and Maintainers, but only GitLab admins should be able to change instance, group and project settinngs.
We want Maintainers to be the only one who can push changes to protected branches.
Setting Protected strategy to “Fully Protected” gives us that.
However these are still just Developers, and should not be allowed to change the projects settings.
They are the maintainers of the code, but not the project.
Seems there is a feature request for exactly this:
This issue mentiones editing the project_policy.rb to change permissions.
Is this possible? Can we edit this and remove all admin rights for Maintainers?
There are three such files on our GitLab EE v13.9.1 instance:
/opt/gitlab/embedded/service/gitlab-rails/ee/app/policies/ee/project_policy.rb
/opt/gitlab/embedded/service/gitlab-rails/app/policies/project_policy.rb
/opt/gitlab/embedded/service/gitlab-rails/app/policies/deploy_keys_project_policy.rb