Add group-level Pages access control enforcement (!176757) · Merge requests · GitLab.org / GitLab

Ben King requested to merge benjaminking-pages-group-access into master Jan 02, 2025

What does this MR do and why?

This MR introduces a group-level functionality to enforce Pages visibility access controls. When enabled, all group projects will be updated to no longer be public, making them restricted to project members.

This addresses #254962 and creates a sense of parity for GitLab.com group owners, as this feature already exists for SM Administrators at an instance level.

How does this work? Does it override the project's set visibility level?

This doesn't directly modify a project's visibility level. When we do checks to determine if a project is public or not, this will perform a relevant lookup and block public access. When the group setting is disabled, all project visibility levels return to their original state.

References

Please include cross links to any resources that are relevant to this MR. This will give reviewers and future readers helpful context to give an efficient review of the changes introduced.

MR acceptance checklist

Please evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Screenshots or screen recordings

Group-level setting

Walkthrough Video

2025-01-03_12-16-24.remuxed

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

Edited Jan 06, 2025 by Ben King

Add group-level Pages access control enforcement