diff --git a/doc/api/access_requests.md b/doc/api/access_requests.md
index 1bd626603bfcda789c4e3f6ecc236cd277d5a7ed..f8db7722f62ceab1d9ebeba5c4888a1deeeedc40 100644
--- a/doc/api/access_requests.md
+++ b/doc/api/access_requests.md
@@ -18,6 +18,7 @@ following levels are recognized:
- No access (`0`)
- Minimal access (`5`)
- Guest (`10`)
+- Planner (`15`)
- Reporter (`20`)
- Developer (`30`)
- Maintainer (`40`)
diff --git a/doc/api/broadcast_messages.md b/doc/api/broadcast_messages.md
index ce8f1d63e89891e3396b0238a694542729077bd4..3cd65154da22e356fa38261d90e30907b8c83e86 100644
--- a/doc/api/broadcast_messages.md
+++ b/doc/api/broadcast_messages.md
@@ -127,6 +127,7 @@ The `target_access_levels` are defined in the `Gitlab::Access` module. The
following levels are valid:
- Guest (`10`)
+- Planner (`15`)
- Reporter (`20`)
- Developer (`30`)
- Maintainer (`40`)
@@ -198,6 +199,7 @@ The `target_access_levels` are defined in the `Gitlab::Access` module. The
following levels are valid:
- Guest (`10`)
+- Planner (`15`)
- Reporter (`20`)
- Developer (`30`)
- Maintainer (`40`)
diff --git a/doc/api/group_access_tokens.md b/doc/api/group_access_tokens.md
index 56d3da2483e682fdb4c3710a4d50660dff68c215..b2f4bacc94236d720e1f4a2871b21abca8be4845 100644
--- a/doc/api/group_access_tokens.md
+++ b/doc/api/group_access_tokens.md
@@ -116,7 +116,7 @@ POST /groups/:id/access_tokens
| `id` | integer or string | yes | ID or [URL-encoded path of the group](rest/index.md#namespaced-paths) |
| `name` | String | yes | Name of the group access token |
| `scopes` | `Array[String]` | yes | [List of scopes](../user/group/settings/group_access_tokens.md#scopes-for-a-group-access-token) |
-| `access_level` | Integer | no | Access level. Valid values are `10` (Guest), `20` (Reporter), `30` (Developer), `40` (Maintainer), and `50` (Owner). |
+| `access_level` | Integer | no | Access level. Valid values are `10` (Guest), `15` (Planner), `20` (Reporter), `30` (Developer), `40` (Maintainer), and `50` (Owner). |
| `expires_at` | Date | yes | Expiration date of the access token in ISO format (`YYYY-MM-DD`). The date cannot be set later than the [maximum allowable lifetime of an access token](../user/profile/personal_access_tokens.md#access-token-expiration). |
```shell
diff --git a/doc/api/invitations.md b/doc/api/invitations.md
index 7baf6e330247fc2b136ea6de86e84bec86d3ca46..db48d74033ffd40144f02b671faeca54fdc38165 100644
--- a/doc/api/invitations.md
+++ b/doc/api/invitations.md
@@ -21,6 +21,7 @@ levels are defined in the `Gitlab::Access` module. Currently, these levels are v
- No access (`0`)
- Minimal access (`5`)
- Guest (`10`)
+- Planner (`15`)
- Reporter (`20`)
- Developer (`30`)
- Maintainer (`40`)
diff --git a/doc/api/member_roles.md b/doc/api/member_roles.md
index e98f4c189467887cc64076a41861f6e8a4b34924..97ac058072c264d509955c0a7d40c3c7e2d0978e 100644
--- a/doc/api/member_roles.md
+++ b/doc/api/member_roles.md
@@ -100,7 +100,7 @@ Supported attributes:
|:----------|:--------|:---------|:-------------------------------------|
| `name` | string | yes | The name of the member role. |
| `description` | string | no | The description of the member role. |
-| `base_access_level` | integer | yes | Base access level for configured role. Valid values are `10` (Guest), `20` (Reporter), `30` (Developer), `40` (Maintainer), or `50` (Owner).|
+| `base_access_level` | integer | yes | Base access level for configured role. Valid values are `10` (Guest), `15` (Planner), `20` (Reporter), `30` (Developer), `40` (Maintainer), or `50` (Owner).|
| `admin_cicd_variables` | boolean | no | Permission to create, read, update, and delete CI/CD variables. |
| `admin_compliance_framework` | boolean | no | Permission to administer compliance frameworks. |
| `admin_group_member` | boolean | no | Permission to add, remove and assign members in a group. |
diff --git a/doc/api/members.md b/doc/api/members.md
index a8963acbb5ae30d49c94799272d02b0eca781871..90dd691ec4eb0e147bfab48922c7dc70d3911c10 100644
--- a/doc/api/members.md
+++ b/doc/api/members.md
@@ -18,6 +18,7 @@ in the `Gitlab::Access` module as `access_level`.
- No access (`0`)
- Minimal access (`5`)
- Guest (`10`)
+- Planner (`15`)
- Reporter (`20`)
- Developer (`30`)
- Maintainer (`40`)
diff --git a/doc/api/milestones.md b/doc/api/milestones.md
index e449fc45536b0bbdcb487f13e4c211349ab585cd..fa72ee4b60c2490c7c83f9f7f68b8abdbd0678c0 100644
--- a/doc/api/milestones.md
+++ b/doc/api/milestones.md
@@ -123,8 +123,9 @@ Parameters:
## Delete project milestone
> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/issues/343889) the minimum user role from Developer to Reporter in GitLab 15.0.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
-Only for users with at least the Reporter role for the project.
+Only for users with at least the Planner role for the project.
```plaintext
DELETE /projects/:id/milestones/:milestone_id
@@ -170,8 +171,9 @@ Parameters:
## Promote project milestone to a group milestone
> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/issues/343889) the minimum user role from Developer to Reporter in GitLab 15.0.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
-Only for users with at least the Reporter role for the group.
+Only for users with at least the Planner role for the group.
```plaintext
POST /projects/:id/milestones/:milestone_id/promote
diff --git a/doc/api/project_access_tokens.md b/doc/api/project_access_tokens.md
index 70c5390a41d982206f4ce1b7ce1c90b94e782984..714c1ad590d60377acdbcb85c0b3ed67b0f56472 100644
--- a/doc/api/project_access_tokens.md
+++ b/doc/api/project_access_tokens.md
@@ -122,7 +122,7 @@ POST projects/:id/access_tokens
| `id` | integer or string | yes | ID or [URL-encoded path of the project](rest/index.md#namespaced-paths) |
| `name` | string | yes | Name of the project access token |
| `scopes` | `Array[String]` | yes | [List of scopes](../user/project/settings/project_access_tokens.md#scopes-for-a-project-access-token) |
-| `access_level` | integer | no | Access level. Valid values are `10` (Guest), `20` (Reporter), `30` (Developer), `40` (Maintainer), and `50` (Owner). Defaults to `40`. |
+| `access_level` | integer | no | Access level. Valid values are `10` (Guest), `15` (Planner), `20` (Reporter), `30` (Developer), `40` (Maintainer), and `50` (Owner). Defaults to `40`. |
| `expires_at` | date | yes | Expiration date of the access token in ISO format (`YYYY-MM-DD`). The date cannot be set later than the [maximum allowable lifetime of an access token](../user/profile/personal_access_tokens.md#access-token-expiration). |
```shell
diff --git a/doc/ci/test_cases/index.md b/doc/ci/test_cases/index.md
index 264824b3b76f0334a886b09ad7b8c4b4df2ba5ec..aaa0d1453b0e7c6ddd197fef170dbed334227bc2 100644
--- a/doc/ci/test_cases/index.md
+++ b/doc/ci/test_cases/index.md
@@ -30,9 +30,11 @@ For more information, see [Product Stage Direction - Plan](https://about.gitlab.
## Create a test case
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
+
Prerequisites:
-- You must have at least the Reporter role.
+- You must have at least the Planner role.
To create a test case in a GitLab project:
@@ -51,7 +53,7 @@ Prerequisites:
- Non-confidential test case in a public project: You don't have to be a member of the project.
- Non-confidential test case in a private project: You must have at least the Guest role for the project.
-- Confidential test case (regardless of project visibility): You must have at least the Reporter role for the project.
+- Confidential test case (regardless of project visibility): You must have at least the Planner role for the project.
To view a test case:
@@ -63,11 +65,13 @@ To view a test case:
## Edit a test case
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
+
You can edit a test case's title and description.
Prerequisites:
-- You must have at least the Reporter role.
+- You must have at least the Planner role.
- Users demoted to the Guest role can continue to edit the test cases they created
when they were in the higher role.
@@ -81,12 +85,13 @@ To edit a test case:
## Make a test case confidential
> - Introduced for [new](https://gitlab.com/gitlab-org/gitlab/-/issues/422121) and [existing](https://gitlab.com/gitlab-org/gitlab/-/issues/422120) test cases in GitLab 16.5.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
If you're working on a test case that contains private information, you can make it confidential.
Prerequisites:
-- You must have at least the Reporter role.
+- You must have at least the Planner role.
To make a test case confidential:
@@ -98,11 +103,13 @@ or editing an existing one.
## Archive a test case
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
+
When you want to stop using a test case, you can archive it. You can [reopen an archived test case](#reopen-an-archived-test-case) later.
Prerequisites:
-- You must have at least the Reporter role.
+- You must have at least the Planner role.
To archive a test case, on the test case's page, select **Archive test case**.
@@ -114,11 +121,13 @@ To view archived test cases:
## Reopen an archived test case
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
+
If you decide to start using an archived test case again, you can reopen it.
Prerequisites:
-- You must have at least the Reporter role.
+- You must have at least the Planner role.
To reopen an archived test case:
diff --git a/doc/user/crm/index.md b/doc/user/crm/index.md
index 228a56fc9460cd1705f12487eac11808dd5fee49..45656f6ab6a9a79787aaf19f72e230aa17c577cf 100644
--- a/doc/user/crm/index.md
+++ b/doc/user/crm/index.md
@@ -14,6 +14,7 @@ DETAILS:
> - In GitLab 14.8 and later, you can [create contacts and organizations only in top-level groups](https://gitlab.com/gitlab-org/gitlab/-/issues/350634).
> - [Enabled on GitLab.com and self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/346082) in GitLab 15.0.
> - [Feature flag removed](https://gitlab.com/gitlab-org/gitlab/-/issues/346082) in GitLab 15.1.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
With customer relations management (CRM) you can create a record of contacts
(individuals) and organizations (companies) and relate them to issues.
@@ -26,12 +27,12 @@ For more information about what is planned for the future, see [issue 2256](http
## Permissions
-| Permission | Guest | Group Reporter | Group Developer, Maintainer, and Owner |
-| ---------- | ---------------- | -------------- | -------------------------------------- |
-| View contacts/organizations | | ✓ | ✓ |
-| View issue contacts | | ✓ | ✓ |
-| Add/remove issue contacts | | ✓ | ✓ |
-| Create/edit contacts/organizations | | | ✓ |
+| Permission | Guest | Planner | Group Reporter | Group Developer, Maintainer, and Owner |
+|------------------------------------|-------|---------|----------------|----------------------------------------|
+| View contacts/organizations | | ✓ | ✓ | ✓ |
+| View issue contacts | | ✓ | ✓ | ✓ |
+| Add/remove issue contacts | | ✓ | ✓ | ✓ |
+| Create/edit contacts/organizations | | | | ✓ |
## Enable customer relations management (CRM)
@@ -73,7 +74,7 @@ To configure the contact source for a group or subgroup:
Prerequisites:
-- You must have at least the Reporter role for the group.
+- You must have at least the Planner role for the group.
To view a group's contacts:
@@ -137,7 +138,7 @@ To change the state of a contact:
Prerequisites:
-- You must have at least the Reporter role for the group.
+- You must have at least the Planner role for the group.
To view a group's organizations:
@@ -192,7 +193,7 @@ issues are linked to contacts matching the email addresses in the sender and CC
Prerequisites:
-- You must have at least the Reporter role for the group.
+- You must have at least the Planner role for the group.
To view a contact's issues, select a contact from the issue sidebar, or:
@@ -204,7 +205,7 @@ To view a contact's issues, select a contact from the issue sidebar, or:
Prerequisites:
-- You must have at least the Reporter role for the group.
+- You must have at least the Planner role for the group.
To view an organization's issues:
@@ -217,7 +218,7 @@ To view an organization's issues:
Prerequisites:
-- You must have at least the Reporter role for the group.
+- You must have at least the Planner role for the group.
You can view contacts associated with an issue in the right sidebar.
@@ -233,7 +234,7 @@ API.
Prerequisites:
-- You must have at least the Reporter role for the group.
+- You must have at least the Planner role for the group.
To add [active](#change-the-state-of-a-contact) contacts to an issue use the `/add_contacts [contact:address@example.com]`
[quick action](../project/quick_actions.md).
@@ -246,7 +247,7 @@ API.
Prerequisites:
-- You must have at least the Reporter role for the group.
+- You must have at least the Planner role for the group.
To remove contacts from an issue use the `/remove_contacts [contact:address@example.com]`
[quick action](../project/quick_actions.md).
diff --git a/doc/user/group/epics/epic_boards.md b/doc/user/group/epics/epic_boards.md
index 6e23a47bf67b00ea381fb1265951859ac8820c55..73dcd68792072961e3e0e43eba1e97ec2b5915c2 100644
--- a/doc/user/group/epics/epic_boards.md
+++ b/doc/user/group/epics/epic_boards.md
@@ -11,6 +11,7 @@ DETAILS:
**Offering:** GitLab.com, Self-managed, GitLab Dedicated
> - Displaying total weight on the top of lists [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/364503) in GitLab 15.11.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
Epic boards build on the existing [epic tracking functionality](index.md) and
[labels](../../project/labels.md). Your epics appear as cards in vertical lists, organized by their assigned
@@ -36,7 +37,7 @@ To view an epic board:
Prerequisites:
-- You must have at least the Reporter role for a group.
+- You must have at least the Planner role for a group.
To create a new epic board:
@@ -59,7 +60,7 @@ To change these options later, [edit the board](#edit-the-scope-of-an-epic-board
Prerequisites:
-- You must have at least the Reporter role for a group.
+- You must have at least the Planner role for a group.
- A minimum of two boards present in a group.
To delete the active epic board:
@@ -85,7 +86,7 @@ To delete the active epic board:
Prerequisites:
-- You must have at least the Reporter role for a group.
+- You must have at least the Planner role for a group.
To create a new list:
@@ -115,7 +116,7 @@ list view that's removed. You can always create it again later if you need.
Prerequisites:
-- You must have at least the Reporter role for a group.
+- You must have at least the Planner role for a group.
To remove a list from an epic board:
@@ -128,7 +129,7 @@ To remove a list from an epic board:
Prerequisites:
-- You must have at least the Reporter role for a group.
+- You must have at least the Planner role for a group.
- You must have [created a list](#create-a-new-list) first.
To create an epic from a list in epic board:
@@ -171,7 +172,7 @@ You can move epics and lists by dragging them.
Prerequisites:
-- You must have at least the Reporter role for a group.
+- You must have at least the Planner role for a group.
To move an epic, select the epic card and drag it to another position in its current list or
into another list. Learn about possible effects in [Dragging epics between lists](#dragging-epics-between-lists).
@@ -190,7 +191,7 @@ Your epic is moved to the top of the list even if other epics are hidden by a fi
Prerequisites:
-- You must at least have the Reporter role for a group.
+- You must at least have the Planner role for a group.
To move an epic to the start of the list:
@@ -208,7 +209,7 @@ Your epic is moved to the bottom of the list even if other epics are hidden by a
Prerequisites:
-- You must at least have the Reporter role for a group.
+- You must at least have the Planner role for a group.
To move an epic to the end of the list:
@@ -230,7 +231,7 @@ and the target list.
Prerequisites:
-- You must have at least the Reporter role for a group.
+- You must have at least the Planner role for a group.
To edit the scope of an epic board:
diff --git a/doc/user/group/epics/manage_epics.md b/doc/user/group/epics/manage_epics.md
index 6fb1d38c0cce27471af2ca501d248d0c30ea6db6..6b854229a4c9a98d18af08c9565f702dfb7a1fdc 100644
--- a/doc/user/group/epics/manage_epics.md
+++ b/doc/user/group/epics/manage_epics.md
@@ -15,9 +15,11 @@ to them.
## Create an epic
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
+
Prerequisites:
-- You must have at least the Reporter role for the epic's group.
+- You must have at least the Planner role for the epic's group.
To create an epic in the group you're in:
@@ -62,6 +64,8 @@ The parent epic's start date then reflects this change and propagates upwards to
## Edit an epic
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
+
After you create an epic, you can edit the following details:
- Title
@@ -73,7 +77,7 @@ After you create an epic, you can edit the following details:
Prerequisites:
-- You must have at least the Reporter role for the epic's group.
+- You must have at least the Planner role for the epic's group.
To edit an epic's title or description:
@@ -89,12 +93,13 @@ To edit an epic's start date, due date, or labels:
### Reorder list items in the epic description
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/15260) in GitLab 15.1.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
When you view an epic that has a list in the description, you can also reorder the list items.
Prerequisites:
-- You must have at least the Reporter role for the project, be the author of the epic, or be
+- You must have at least the Planner role for the project, be the author of the epic, or be
assigned to the epic.
- The epic's description must have an [ordered, unordered](../../markdown.md#lists), or
[task](../../markdown.md#task-lists) list.
@@ -108,13 +113,15 @@ To reorder list items, when viewing an epic:
### Bulk edit epics
-Users with at least the Reporter role can manage epics.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
+
+Users with at least the Planner role can manage epics.
When bulk editing epics in a group, you can edit their labels.
Prerequisites:
-- You must have at least the Reporter role for the parent epic's group.
+- You must have at least the Planner role for the parent epic's group.
To update multiple epics at the same time:
@@ -177,10 +184,12 @@ If you find a bug, use the
### Change assignee on an epic
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
+
Prerequisites:
- Your administrator must have [enabled the new look for epics](epic_work_items.md).
-- You must have at least the Reporter role for the group.
+- You must have at least the Planner role for the group.
To change the assignee on an epic:
@@ -225,9 +234,11 @@ On epic boards, the color shows on the epic's card accent:
### Change an epic's color
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
+
Prerequisites:
-- You must have at least the Reporter role for the epic's group.
+- You must have at least the Planner role for the epic's group.
To change an epic's color:
@@ -243,10 +254,11 @@ The epic's color is updated.
## Delete an epic
> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/issues/452189) in GitLab 16.11. In GitLab 16.10 and earlier, if you delete an epic, all its child epics and their descendants are deleted as well. If needed, you can [remove child epics](#remove-a-child-epic-from-a-parent-epic) from the parent epic before you delete it.
+> - [Allowed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) Planner role to delete an epic in GitLab 17.7.
Prerequisites:
-- You must have the Owner role for the epic's group.
+- You must have the Planner or Owner role for the epic's group.
To delete an epic:
@@ -257,9 +269,11 @@ Deleting an epic releases all existing issues from their associated epic in the
## Close an epic
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
+
Prerequisites:
-- You must have at least the Reporter role for the epic's group.
+- You must have at least the Planner role for the epic's group.
To close an epic:
@@ -269,11 +283,13 @@ You can also use the `/close` [quick action](../../project/quick_actions.md).
## Reopen a closed epic
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
+
You can reopen an epic that was closed.
Prerequisites:
-- You must have at least the Reporter role for the epic's group.
+- You must have at least the Planner role for the epic's group.
To do so, either:
@@ -310,12 +326,14 @@ To view epics in a group:
### Who can view an epic
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
+
Whether you can view an epic depends on the [group visibility level](../../public_access.md) and
the epic's [confidentiality status](#make-an-epic-confidential):
- Public group and a non-confidential epic: Anyone can view the epic.
- Private group and non-confidential epic: You must have at least the Guest role for the group.
-- Confidential epic (regardless of group visibility): You must have at least the Reporter
+- Confidential epic (regardless of group visibility): You must have at least the Planner
role for the group.
### Cached epic count
@@ -388,6 +406,8 @@ or newest items to be shown first.
## Make an epic confidential
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
+
If you're working on items that contain private information, you can make an epic confidential.
NOTE:
@@ -398,7 +418,7 @@ to learn how to create a confidential merge request.
Prerequisites:
-- You must have at least the Reporter role for the epic's group.
+- You must have at least the Planner role for the epic's group.
To make an epic confidential:
@@ -492,10 +512,12 @@ To address risks to timely delivery of your planned work, incorporate a review o
#### Change health status of an epic
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
+
Prerequisites:
- Your administrator must have [enabled the new look for epics](epic_work_items.md).
-- You must have at least the Reporter role for the group.
+- You must have at least the Planner role for the group.
To change the health status of an epic:
diff --git a/doc/user/group/iterations/index.md b/doc/user/group/iterations/index.md
index a82f448148d5f036ba080c1d886f979f0df5eb6f..2dec2fdf2a315a6454207e36aa02afd316cb839b 100644
--- a/doc/user/group/iterations/index.md
+++ b/doc/user/group/iterations/index.md
@@ -44,10 +44,11 @@ configure iteration cadences to automatically roll over incomplete issues to the
### Create an iteration cadence
> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/issues/343889) the minimum user role from Developer to Reporter in GitLab 15.0.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
Prerequisites:
-- You must have at least the Reporter role for a group.
+- You must have at least the Planner role for a group.
To create an iteration cadence:
@@ -91,7 +92,7 @@ For example `https://gitlab.com/gitlab-org/sample-data-templates/sample-gitlab-p
Prerequisites:
-- You must have at least the Reporter role for a group.
+- You must have at least the Planner role for a group.
To edit an iteration cadence:
@@ -151,10 +152,11 @@ to satisfy the requirement that there are at least two upcoming iterations sched
### Delete an iteration cadence
> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/issues/343889) the minimum user role from Developer to Reporter in GitLab 15.0.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
Prerequisites:
-- You must have at least the Reporter role for a group.
+- You must have at least the Planner role for a group.
Deleting an iteration cadence also deletes all iterations in that cadence.
@@ -180,13 +182,14 @@ On GitLab.com, this is the `automation-bot1` user.
## Create an iteration manually
> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/issues/343889) the minimum user role from Developer to Reporter in GitLab 15.0.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
When an iteration cadence has automatic scheduling enabled, iterations are created on schedule.
If you disable that option, you can create iterations manually.
Prerequisites:
-- You must have at least the Reporter role for a group.
+- You must have at least the Planner role for a group.
- There must be at least one iteration cadence in the group and
[automatic scheduling must be disabled](#turn-on-and-off-automatic-scheduling-for-an-iteration-cadence) for the iteration cadence.
@@ -202,10 +205,11 @@ To create an iteration:
## Edit an iteration
> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/issues/343889) the minimum user role from Developer to Reporter in GitLab 15.0.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
Prerequisites:
-- You must have at least the Reporter role for a group.
+- You must have at least the Planner role for a group.
To edit an iteration:
@@ -220,10 +224,11 @@ To edit an iteration:
## Delete an iteration
> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/issues/343889) the minimum user role from Developer to Reporter in GitLab 15.0.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
Prerequisites:
-- You must have at least the Reporter role for a group.
+- You must have at least the Planner role for a group.
- [Automatic scheduling must be disabled](#turn-on-and-off-automatic-scheduling-for-an-iteration-cadence) for the iteration cadence.
To delete an iteration:
diff --git a/doc/user/okrs.md b/doc/user/okrs.md
index 4b9d381238252364297a9d9e464696f4491a2ca6..3443ac74350820bad4f16a81df233a0a910591e7 100644
--- a/doc/user/okrs.md
+++ b/doc/user/okrs.md
@@ -95,9 +95,11 @@ its parent's objective.
## Edit title and description
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
+
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
To edit an OKR:
@@ -114,10 +116,11 @@ To edit an OKR:
> - Changing activity sort order [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/378949) in GitLab 15.8.
> - Filtering activity [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/389971) in GitLab 15.10.
> - [Enabled on GitLab.com and self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/334812) in GitLab 15.10.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
You can view all the [system notes](project/system_notes.md) related to the OKR. By default they are sorted by **Oldest first**.
You can always change the sorting order to **Newest first**, which is remembered across sessions.
@@ -128,6 +131,8 @@ You can add [comments](discussions/index.md) and reply to threads in OKRs.
## Assign users
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
+
To show who is responsible for an OKR, you can assign users to it.
Users on GitLab Free can assign one user per OKR.
@@ -136,7 +141,7 @@ See also [multiple assignees for issues](project/issues/multiple_assignees_for_i
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
To change the assignee on an OKR:
@@ -147,9 +152,11 @@ To change the assignee on an OKR:
## Assign labels
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
+
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
Use [labels](project/labels.md) to organize OKRs among teams.
@@ -163,13 +170,14 @@ To add labels to an OKR:
## Add an objective to a milestone
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/367463) in GitLab 15.7.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
You can add an objective to a [milestone](project/milestones/index.md).
You can see the milestone title when you view an objective.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
To add an objective to a milestone:
@@ -181,6 +189,7 @@ To add an objective to a milestone:
## Set progress
> - Setting progress for key results [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/382433) in GitLab 15.8.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
Show how much of the work needed to achieve an objective is finished.
@@ -193,7 +202,7 @@ value is updated, the automation updates all parents again to show the average.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
To set progress of an objective or key result:
@@ -207,6 +216,7 @@ To set progress of an objective or key result:
## Set health status
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/381899) in GitLab 15.7.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
To better track the risk in meeting your goals, you can assign a [health status](project/issues/managing_issues.md#health-status)
to each objective and key result.
@@ -215,7 +225,7 @@ as planned or need attention to stay on schedule.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
To set health status of an OKR:
@@ -226,10 +236,11 @@ To set health status of an OKR:
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/386877) in GitLab 16.0.
> - Quick action `/promote_to` [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/412534) in GitLab 16.1.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
To promote a key result:
@@ -274,12 +285,14 @@ To copy the objective's or key result's email address:
## Close an OKR
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
+
When an OKR is achieved, you can close it.
The OKR is marked as closed but is not deleted.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
To close an OKR:
@@ -354,10 +367,11 @@ To add an existing key result to an objective:
### Reorder objective and key result children
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/385887) in GitLab 16.0.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
By default, child OKRs are ordered by creation date.
To reorder them, drag them around.
@@ -365,6 +379,7 @@ To reorder them, drag them around.
### Schedule OKR check-in reminders
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/422761) in GitLab 16.4 [with a flag](../administration/feature_flags.md) named `okr_checkin_reminders`. Disabled by default.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
FLAG:
On self-managed GitLab, by default this feature is not available. To make it available, an administrator can [enable the feature flag](../administration/feature_flags.md) named `okr_checkin_reminders`.
@@ -380,7 +395,7 @@ Reminders are sent on Tuesdays.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
- There must be at least one objective with at least one key result in the project.
- You can schedule reminders only for top-level objectives.
Scheduling a check-in reminder for child objectives has no effect.
@@ -410,10 +425,11 @@ To turn off a check-in reminder, enter:
## Set an objective as a parent
> - [Introduced](https://gitlab.com/groups/gitlab-org/-/epics/11198) in GitLab 16.6.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
- The parent objective and child OKR must belong to the same project.
To set an objective as a parent of an OKR:
@@ -436,6 +452,8 @@ leaking out.
### Make an OKR confidential
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
+
By default, OKRs are public.
You can make an OKR confidential when you create or edit it.
@@ -450,7 +468,7 @@ Select that checkbox and then select **Create objective** or **Create key result
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
- A **confidential objective** can have only confidential
[child objectives or key results](#child-objectives-and-key-results):
- To make an objective confidential: If it has any child objectives or key results, you must first
@@ -468,7 +486,9 @@ To change the confidentiality of an existing OKR:
### Who can see confidential OKRs
-When an OKR is made confidential, only users with at least the Reporter role for the project have
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
+
+When an OKR is made confidential, only users with at least the Planner role for the project have
access to the OKR.
Users with Guest or [Minimal](permissions.md#users-with-minimal-access) roles can't access
the OKR even if they were actively participating before the change.
@@ -502,6 +522,7 @@ system note in the OKR's comments, for example:
## Lock discussion
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/398649) in GitLab 16.9 [with a flag](../administration/feature_flags.md) named `work_items_beta`. Disabled by default.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
FLAG:
On self-managed GitLab, by default this feature is not available. To make it available, an administrator can [enable the feature flag](../administration/feature_flags.md) named `work_items_beta`.
@@ -513,7 +534,7 @@ When you do, only project members can add and edit comments.
Prerequisites:
-- You must have at least the Reporter role.
+- You must have at least the Planner role.
To lock an OKR:
diff --git a/doc/user/permissions.md b/doc/user/permissions.md
index 23285366db6d76a3c208039cb4091e79d7c87b5e..6f427c4ff70a30b0a75e3f494406e4e96c28e832 100644
--- a/doc/user/permissions.md
+++ b/doc/user/permissions.md
@@ -35,6 +35,7 @@ You can assign users a default role or a [custom role](custom_roles.md).
The available default roles are:
- Guest (This role applies to [private and internal projects](../user/public_access.md) only.)
+- Planner
- Reporter
- Developer
- Maintainer
@@ -70,38 +71,38 @@ The following tables list the project permissions available for each role.
Project permissions for [analytics](../user/analytics/index.md) features including value streams, usage trends, product analytics, and insights.
-| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
-| ------------------------------------------------------------------------------------------ | :---: | :------: | :-------: | :--------: | :---: | ----- |
-| View [issue analytics](group/issues_analytics/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| View [value stream analytics](group/value_stream_analytics/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| View [CI/CD analytics](analytics/ci_cd_analytics.md) | | ✓ | ✓ | ✓ | ✓ | |
-| View [code review analytics](analytics/code_review_analytics.md) | | ✓ | ✓ | ✓ | ✓ | |
-| View [DORA metrics](analytics/ci_cd_analytics.md) | | ✓ | ✓ | ✓ | ✓ | |
-| View [merge request analytics](analytics/merge_request_analytics.md) | | ✓ | ✓ | ✓ | ✓ | |
-| View [repository analytics](analytics/repository_analytics.md) | | ✓ | ✓ | ✓ | ✓ | |
-| View [Value Streams Dashboard & AI Impact analytics](analytics/value_streams_dashboard.md) | | ✓ | ✓ | ✓ | ✓ | |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+| ------------------------------------------------------------------------------------------ | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
+| View [issue analytics](group/issues_analytics/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| View [value stream analytics](group/value_stream_analytics/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| View [CI/CD analytics](analytics/ci_cd_analytics.md) | | | ✓ | ✓ | ✓ | ✓ | |
+| View [code review analytics](analytics/code_review_analytics.md) | | | ✓ | ✓ | ✓ | ✓ | |
+| View [DORA metrics](analytics/ci_cd_analytics.md) | | | ✓ | ✓ | ✓ | ✓ | |
+| View [merge request analytics](analytics/merge_request_analytics.md) | | | ✓ | ✓ | ✓ | ✓ | |
+| View [repository analytics](analytics/repository_analytics.md) | | | ✓ | ✓ | ✓ | ✓ | |
+| View [Value Streams Dashboard & AI Impact analytics](analytics/value_streams_dashboard.md) | | | ✓ | ✓ | ✓ | ✓ | |
### Application security
Project permissions for [application security](application_security/secure_your_application.md) features including dependency management, security analyzers, security policies, and vulnerability management.
-| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
-|-------------------------------------------------------------------------------------------|:-----:|:--------:|:---------:|:----------:|:-----:|-------|
-| View [dependency list](application_security/dependency_list/index.md) | | | ✓ | ✓ | ✓ | |
-| View licenses in [dependency list](application_security/dependency_list/index.md) | | | ✓ | ✓ | ✓ | |
-| View [security dashboard](application_security/security_dashboard/index.md) | | | ✓ | ✓ | ✓ | |
-| View [vulnerability report](application_security/vulnerability_report/index.md) | | | ✓ | ✓ | ✓ | |
-| Create [vulnerability manually](application_security/vulnerability_report/index.md#manually-add-a-vulnerability) | | | ✓ | ✓ | ✓ | |
-| Create [issue](application_security/vulnerabilities/index.md#create-a-gitlab-issue-for-a-vulnerability) from vulnerability finding | | | ✓ | ✓ | ✓ | |
-| Create [on-demand DAST scans](application_security/dast/on-demand_scan.md) | | | ✓ | ✓ | ✓ | |
-| Run [on-demand DAST scans](application_security/dast/on-demand_scan.md) | | | ✓ | ✓ | ✓ | |
-| Create [individual security policies](application_security/policies/index.md) | | | ✓ | ✓ | ✓ | |
-| Change [individual security policies](application_security/policies/index.md) | | | ✓ | ✓ | ✓ | |
-| Delete [individual security policies](application_security/policies/index.md) | | | ✓ | ✓ | ✓ | |
-| Create [CVE ID request](application_security/cve_id_request.md) | | | | ✓ | ✓ | |
-| Change vulnerability status | | | | ✓ | ✓ | The `admin_vulnerability` permission was [removed](https://gitlab.com/gitlab-org/gitlab/-/issues/412693) from the Developer role in GitLab 17.0. |
-| Create or assign [security policy project](application_security/policies/index.md) | | | | | ✓ | |
-| Manage [security configurations](application_security/configuration/index.md) | | | | | ✓ | |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+| ---------------------------------------------------------------------------------------------------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
+| View [dependency list](application_security/dependency_list/index.md) | | | | ✓ | ✓ | ✓ | |
+| View licenses in [dependency list](application_security/dependency_list/index.md) | | | | ✓ | ✓ | ✓ | |
+| View [security dashboard](application_security/security_dashboard/index.md) | | | | ✓ | ✓ | ✓ | |
+| View [vulnerability report](application_security/vulnerability_report/index.md) | | | | ✓ | ✓ | ✓ | |
+| Create [vulnerability manually](application_security/vulnerability_report/index.md#manually-add-a-vulnerability) | | | | ✓ | ✓ | ✓ | |
+| Create [issue](application_security/vulnerabilities/index.md#create-a-gitlab-issue-for-a-vulnerability) from vulnerability finding | | | | ✓ | ✓ | ✓ | |
+| Create [on-demand DAST scans](application_security/dast/on-demand_scan.md) | | | | ✓ | ✓ | ✓ | |
+| Run [on-demand DAST scans](application_security/dast/on-demand_scan.md) | | | | ✓ | ✓ | ✓ | |
+| Create [individual security policies](application_security/policies/index.md) | | | | ✓ | ✓ | ✓ | |
+| Change [individual security policies](application_security/policies/index.md) | | | | ✓ | ✓ | ✓ | |
+| Delete [individual security policies](application_security/policies/index.md) | | | | ✓ | ✓ | ✓ | |
+| Create [CVE ID request](application_security/cve_id_request.md) | | | | | ✓ | ✓ | |
+| Change vulnerability status | | | | | ✓ | ✓ | The `admin_vulnerability` permission was [removed](https://gitlab.com/gitlab-org/gitlab/-/issues/412693) from the Developer role in GitLab 17.0. |
+| Create or assign [security policy project](application_security/policies/index.md) | | | | | | ✓ | |
+| Manage [security configurations](application_security/configuration/index.md) | | | | | | ✓ | |
### CI/CD
@@ -114,44 +115,44 @@ Project permissions for [application security](application_security/secure_your_
Project Owners can perform any listed action, and can delete pipelines:
-| Action | Non-member | Guest | Reporter | Developer | Maintainer | Notes |
-|------------------------------------------------------------------|:----------:|:-----:|:--------:|:---------:|:----------:|-------|
-| View existing artifacts | ✓ | ✓ | ✓ | ✓ | ✓ | Non-members and guests: Only if the project is public. |
-| View list of jobs | ✓ | ✓ | ✓ | ✓ | ✓ | Non-members: Only if the project is public and **Public pipelines** is enabled in **Project Settings > CI/CD**.
Guests: Only if **Public pipelines** is enabled in **Project Settings > CI/CD**. |
-| View artifacts | ✓ | ✓ | ✓ | ✓ | ✓ | Non-members: Only if the project is public, **Public pipelines** is enabled in **Project Settings > CI/CD**, and [`artifacts:public: false`](../ci/yaml/index.md#artifactspublic) is not set on the job.
Guests: Only if **Public pipelines** is enabled in **Project Settings > CI/CD** and `artifacts:public: false` is not set on the job.
Reporters: Only if `artifacts:public: false` is not set on the job. |
-| Download artifacts | ✓ | ✓ | ✓ | ✓ | ✓ | Non-members: Only if the project is public, **Public pipelines** is enabled in **Project Settings > CI/CD**, and [`artifacts:public: false`](../ci/yaml/index.md#artifactspublic) is not set on the job.
Guests: Only if **Public pipelines** is enabled in **Project Settings > CI/CD** and `artifacts:public: false` is not set on the job.
Reporters: Only if `artifacts:public: false` is not set on the job. |
-| View [environments](../ci/environments/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | Non-members and guests: Only if the project is public. |
-| View job logs and job details page | ✓ | ✓ | ✓ | ✓ | ✓ | Non-members: Only if the project is public and **Public pipelines** is enabled in **Project Settings > CI/CD**.
Guests: Only if **Public pipelines** is enabled in **Project Settings > CI/CD**. |
-| View pipelines and pipeline details pages | ✓ | ✓ | ✓ | ✓ | ✓ | Non-members: Only if the project is public and **Public pipelines** is enabled in **Project Settings > CI/CD**.
Guests: Only if **Public pipelines** is enabled in **Project Settings > CI/CD**. |
-| View pipelines tab in MR | ✓ | ✓ | ✓ | ✓ | ✓ | Non-members and guests: Only if the project is public. |
-| View [vulnerabilities in a pipeline](application_security/vulnerability_report/pipeline.md#view-vulnerabilities-in-a-pipeline) | | ✓ | ✓ | ✓ | ✓ | Guests: Only if **Public pipelines** is enabled in **Project Settings > CI/CD**. |
-| Run deployment job for a protected environment | | | ✓ | ✓ | ✓ | Reporters: Only if the user is [part of a group with access to the protected environment](../ci/environments/protected_environments.md#deployment-only-access-to-protected-environments).
Developers and maintainers: Only if the user is [allowed to deploy to the protected branch](../ci/environments/protected_environments.md#protecting-environments). |
-| View [agents for Kubernetes](clusters/agent/index.md) | | | | ✓ | ✓ | |
-| View project [Secure Files](../api/secure_files.md) | | | | ✓ | ✓ | |
-| Download project [Secure Files](../api/secure_files.md) | | | | ✓ | ✓ | |
-| View a job with [debug logging](../ci/variables/index.md#enable-debug-logging) | | | | ✓ | ✓ | |
-| Create [environments](../ci/environments/index.md) | | | | ✓ | ✓ | |
-| Delete [environments](../ci/environments/index.md) | | | | ✓ | ✓ | |
-| Stop [environments](../ci/environments/index.md) | | | | ✓ | ✓ | |
-| Run CI/CD pipeline | | | | ✓ | ✓ | |
-| Run CI/CD pipeline for a protected branch | | | | ✓ | ✓ | Developers and maintainers: Only if the user is [allowed to merge or push to the protected branch](../ci/pipelines/index.md#pipeline-security-on-protected-branches). |
-| Run CI/CD job | | | | ✓ | ✓ | |
-| Delete job logs or job artifacts | | | | ✓ | ✓ | Developers: Only if the job was triggered by the user and runs for a non-protected branch. |
-| Enable [review apps](../ci/review_apps/index.md) | | | | ✓ | ✓ | |
-| Cancel jobs | | | | ✓ | ✓ | Cancellation permissions can be [restricted in the pipeline settings](../ci/pipelines/settings.md#restrict-roles-that-can-cancel-pipelines-or-jobs). |
-| Retry jobs | | | | ✓ | ✓ | |
-| Read [Terraform](infrastructure/index.md) state | | | | ✓ | ✓ | |
-| Run [interactive web terminals](../ci/interactive_web_terminal/index.md) | | | | ✓ | ✓ | |
-| Use pipeline editor | | | | ✓ | ✓ | |
-| Manage [agents for Kubernetes](clusters/agent/index.md) | | | | | ✓ | |
-| Manage CI/CD settings | | | | | ✓ | |
-| Manage job triggers | | | | | ✓ | |
-| Manage project CI/CD variables | | | | | ✓ | |
-| Manage project [Secure Files](../api/secure_files.md) | | | | | ✓ | |
-| Manage [Terraform](infrastructure/index.md) state | | | | | ✓ | |
-| Add project runners to project | | | | | ✓ | |
-| Clear runner caches manually | | | | | ✓ | |
-| Enable instance runners in project | | | | | ✓ | |
+| Action | Non-member | Guest | Planner | Reporter | Developer | Maintainer | Notes |
+| ------------------------------------------------------------------------------------------------------------------------------ | :--------: | :---: | :-----: | :------: | :-------: | :--------: | ----- |
+| View existing artifacts | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Non-members and guests: Only if the project is public. |
+| View list of jobs | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Non-members: Only if the project is public and **Public pipelines** is enabled in **Project Settings > CI/CD**.
Guests: Only if **Public pipelines** is enabled in **Project Settings > CI/CD**. |
+| View artifacts | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Non-members: Only if the project is public, **Public pipelines** is enabled in **Project Settings > CI/CD**, and [`artifacts:public: false`](../ci/yaml/index.md#artifactspublic) is not set on the job.
Guests: Only if **Public pipelines** is enabled in **Project Settings > CI/CD** and `artifacts:public: false` is not set on the job.
Reporters: Only if `artifacts:public: false` is not set on the job. |
+| Download artifacts | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Non-members: Only if the project is public, **Public pipelines** is enabled in **Project Settings > CI/CD**, and [`artifacts:public: false`](../ci/yaml/index.md#artifactspublic) is not set on the job.
Guests: Only if **Public pipelines** is enabled in **Project Settings > CI/CD** and `artifacts:public: false` is not set on the job.
Reporters: Only if `artifacts:public: false` is not set on the job. |
+| View [environments](../ci/environments/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Non-members and guests: Only if the project is public. |
+| View job logs and job details page | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Non-members: Only if the project is public and **Public pipelines** is enabled in **Project Settings > CI/CD**.
Guests: Only if **Public pipelines** is enabled in **Project Settings > CI/CD**. |
+| View pipelines and pipeline details pages | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Non-members: Only if the project is public and **Public pipelines** is enabled in **Project Settings > CI/CD**.
Guests: Only if **Public pipelines** is enabled in **Project Settings > CI/CD**. |
+| View pipelines tab in MR | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Non-members and guests: Only if the project is public. |
+| View [vulnerabilities in a pipeline](application_security/vulnerability_report/pipeline.md#view-vulnerabilities-in-a-pipeline) | | ✓ | ✓ | ✓ | ✓ | ✓ | Guests: Only if **Public pipelines** is enabled in **Project Settings > CI/CD**. |
+| Run deployment job for a protected environment | | | | ✓ | ✓ | ✓ | Reporters: Only if the user is [part of a group with access to the protected environment](../ci/environments/protected_environments.md#deployment-only-access-to-protected-environments).
Developers and maintainers: Only if the user is [allowed to deploy to the protected branch](../ci/environments/protected_environments.md#protecting-environments). |
+| View [agents for Kubernetes](clusters/agent/index.md) | | | | | ✓ | ✓ | |
+| View project [Secure Files](../api/secure_files.md) | | | | | ✓ | ✓ | |
+| Download project [Secure Files](../api/secure_files.md) | | | | | ✓ | ✓ | |
+| View a job with [debug logging](../ci/variables/index.md#enable-debug-logging) | | | | | ✓ | ✓ | |
+| Create [environments](../ci/environments/index.md) | | | | | ✓ | ✓ | |
+| Delete [environments](../ci/environments/index.md) | | | | | ✓ | ✓ | |
+| Stop [environments](../ci/environments/index.md) | | | | | ✓ | ✓ | |
+| Run CI/CD pipeline | | | | | ✓ | ✓ | |
+| Run CI/CD pipeline for a protected branch | | | | | ✓ | ✓ | Developers and maintainers: Only if the user is [allowed to merge or push to the protected branch](../ci/pipelines/index.md#pipeline-security-on-protected-branches). |
+| Run CI/CD job | | | | | ✓ | ✓ | |
+| Delete job logs or job artifacts | | | | | ✓ | ✓ | Developers: Only if the job was triggered by the user and runs for a non-protected branch. |
+| Enable [review apps](../ci/review_apps/index.md) | | | | | ✓ | ✓ | |
+| Cancel jobs | | | | | ✓ | ✓ | Cancellation permissions can be [restricted in the pipeline settings](../ci/pipelines/settings.md#restrict-roles-that-can-cancel-pipelines-or-jobs). |
+| Retry jobs | | | | | ✓ | ✓ | |
+| Read [Terraform](infrastructure/index.md) state | | | | | ✓ | ✓ | |
+| Run [interactive web terminals](../ci/interactive_web_terminal/index.md) | | | | | ✓ | ✓ | |
+| Use pipeline editor | | | | | ✓ | ✓ | |
+| Manage [agents for Kubernetes](clusters/agent/index.md) | | | | | | ✓ | |
+| Manage CI/CD settings | | | | | | ✓ | |
+| Manage job triggers | | | | | | ✓ | |
+| Manage project CI/CD variables | | | | | | ✓ | |
+| Manage project [Secure Files](../api/secure_files.md) | | | | | | ✓ | |
+| Manage [Terraform](infrastructure/index.md) state | | | | | | ✓ | |
+| Add project runners to project | | | | | | ✓ | |
+| Clear runner caches manually | | | | | | ✓ | |
+| Enable instance runners in project | | | | | | ✓ | |
This table shows granted privileges for jobs triggered by specific roles.
@@ -159,7 +160,7 @@ Project Owners can do any listed action, but no users can push source and LFS to
Guest users and members with the Reporter role cannot do any of these actions.
| Action | Developer | Maintainer | Notes |
-|----------------------------------------------|:---------:|:----------:|-------|
+| -------------------------------------------- | :-------: | :--------: | ----- |
| Clone source and LFS from current project | ✓ | ✓ | |
| Clone source and LFS from public projects | ✓ | ✓ | |
| Clone source and LFS from internal projects | ✓ | ✓ | Developers and Maintainers: Only if the triggering user is not an external user. |
@@ -174,224 +175,228 @@ Guest users and members with the Reporter role cannot do any of these actions.
Project permissions for [compliance](compliance/index.md) features including compliance center, audit events, compliance frameworks, and licenses.
-| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
-|---------------------------------------------------------------------------------------------------|:-----:|:--------:|:---------:|:----------:|:-----:|-------|
-| View [allowed and denied licenses in MR](compliance/license_scanning_of_cyclonedx_files/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | On self-managed GitLab instances, users with the Guest role are able to perform this action only on public and internal projects (not on private projects). [External users](../administration/external_users.md) must be have at least the Reporter role, even if the project is internal. Users with the Guest role on GitLab.com are able to perform this action only on public projects because internal visibility is not available. |
-| View [audit events](compliance/audit_events.md) | | | ✓ | ✓ | ✓ | Users can only view events based on their individual actions. For more details, see the [prerequisites](compliance/audit_events.md#prerequisites). |
-| View licenses in [dependency list](application_security/dependency_list/index.md) | | | ✓ | ✓ | ✓ | |
-| Manage [audit streams](compliance/audit_event_streaming.md) | | | | | ✓ | |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+| ------------------------------------------------------------------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
+| View [allowed and denied licenses in MR](compliance/license_scanning_of_cyclonedx_files/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | On self-managed GitLab instances, users with the Guest role are able to perform this action only on public and internal projects (not on private projects). [External users](../administration/external_users.md) must be have at least the Reporter role, even if the project is internal. Users with the Guest role on GitLab.com are able to perform this action only on public projects because internal visibility is not available. |
+| View [audit events](compliance/audit_events.md) | | | | ✓ | ✓ | ✓ | Users can only view events based on their individual actions. For more details, see the [prerequisites](compliance/audit_events.md#prerequisites). |
+| View licenses in [dependency list](application_security/dependency_list/index.md) | | | | ✓ | ✓ | ✓ | |
+| Manage [audit streams](compliance/audit_event_streaming.md) | | | | | | ✓ | |
### Machine learning model registry and experiment
Project permissions for [model registry](project/ml/model_registry/index.md) and [model experiments](project/ml/experiment_tracking/index.md).
-| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
-|-------------------------------------------------------------------|:-----:|:--------:|:---------:|:----------:|:-----:|:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------:|
-| View [models and versions](project/ml/model_registry/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | Non-members can only view models and versions in public projects with the **Everyone with access** visibility level. Non-members can't view internal projects, even if they're logged in. |
-| View [model experiments](project/ml/experiment_tracking/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | Non-members can only view model experiments in public projects with the **Everyone with access** visibility level. Non-members can't view internal projects, even if they're logged in. |
-| Create models, versions, and artifacts | | | ✓ | ✓ | ✓ | You can also upload and download artifacts with the package registry API, which uses it's own set of permissions. |
-| Edit models, versions, and artifacts | | | ✓ | ✓ | ✓ | |
-| Create experiments and candidates | | | ✓ | ✓ | ✓ | |
-| Edit experiments and candidates | | | ✓ | ✓ | ✓ | |
-| Delete experiments and candidates | | | ✓ | ✓ | ✓ | |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+| ----------------------------------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: | :---: |
+| View [models and versions](project/ml/model_registry/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Non-members can only view models and versions in public projects with the **Everyone with access** visibility level. Non-members can't view internal projects, even if they're logged in. |
+| View [model experiments](project/ml/experiment_tracking/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Non-members can only view model experiments in public projects with the **Everyone with access** visibility level. Non-members can't view internal projects, even if they're logged in. |
+| Create models, versions, and artifacts | | | | ✓ | ✓ | ✓ | You can also upload and download artifacts with the package registry API, which uses it's own set of permissions. |
+| Edit models, versions, and artifacts | | | | ✓ | ✓ | ✓ | |
+| Create experiments and candidates | | | | ✓ | ✓ | ✓ | |
+| Edit experiments and candidates | | | | ✓ | ✓ | ✓ | |
+| Delete experiments and candidates | | | | ✓ | ✓ | ✓ | |
### Monitoring
Project permissions for monitoring including [error tracking](../operations/error_tracking.md) and [incident management](../operations/incident_management/index.md):
-| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
-|---------------------------------------------------------------------------------------------------------------------| :----:| :------: | :-------: | :--------: | :---: | :---: |
-| View an [incident](../operations/incident_management/incidents.md) | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Assign an [incident management](../operations/incident_management/index.md) alert | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Participate in on-call rotation for [Incident Management](../operations/incident_management/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| View [alerts](../operations/incident_management/alerts.md) | | ✓ | ✓ | ✓ | ✓ | |
-| View [error tracking](../operations/error_tracking.md) list | | ✓ | ✓ | ✓ | ✓ | |
-| View [escalation policies](../operations/incident_management/escalation_policies.md) | | ✓ | ✓ | ✓ | ✓ | |
-| View [on-call schedules](../operations/incident_management/oncall_schedules.md) | | ✓ | ✓ | ✓ | ✓ | |
-| Create [incident](../operations/incident_management/incidents.md) | | ✓ | ✓ | ✓ | ✓ | |
-| Change [alert status](../operations/incident_management/alerts.md#change-an-alerts-status) | | ✓ | ✓ | ✓ | ✓ | |
-| Change [incident severity](../operations/incident_management/manage_incidents.md#change-severity) | | ✓ | ✓ | ✓ | ✓ | |
-| Change [incident escalation status](../operations/incident_management/manage_incidents.md#change-status) | | | ✓ | ✓ | ✓ | |
-| Change [incident escalation policy](../operations/incident_management/manage_incidents.md#change-escalation-policy) | | | ✓ | ✓ | ✓ | |
-| Manage [error tracking](../operations/error_tracking.md) | | | | ✓ | ✓ | |
-| Manage [escalation policies](../operations/incident_management/escalation_policies.md) | | | | ✓ | ✓ | |
-| Manage [on-call schedules](../operations/incident_management/oncall_schedules.md) | | | | ✓ | ✓ | |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+| ------------------------------------------------------------------------------------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: | :---: |
+| View an [incident](../operations/incident_management/incidents.md) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Assign an [incident management](../operations/incident_management/index.md) alert | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Participate in on-call rotation for [Incident Management](../operations/incident_management/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| View [alerts](../operations/incident_management/alerts.md) | | | ✓ | ✓ | ✓ | ✓ | |
+| View [error tracking](../operations/error_tracking.md) list | | | ✓ | ✓ | ✓ | ✓ | |
+| View [escalation policies](../operations/incident_management/escalation_policies.md) | | | ✓ | ✓ | ✓ | ✓ | |
+| View [on-call schedules](../operations/incident_management/oncall_schedules.md) | | | ✓ | ✓ | ✓ | ✓ | |
+| Create [incident](../operations/incident_management/incidents.md) | | | ✓ | ✓ | ✓ | ✓ | |
+| Change [alert status](../operations/incident_management/alerts.md#change-an-alerts-status) | | | ✓ | ✓ | ✓ | ✓ | |
+| Change [incident severity](../operations/incident_management/manage_incidents.md#change-severity) | | | ✓ | ✓ | ✓ | ✓ | |
+| Change [incident escalation status](../operations/incident_management/manage_incidents.md#change-status) | | | | ✓ | ✓ | ✓ | |
+| Change [incident escalation policy](../operations/incident_management/manage_incidents.md#change-escalation-policy) | | | | ✓ | ✓ | ✓ | |
+| Manage [error tracking](../operations/error_tracking.md) | | | | | ✓ | ✓ | |
+| Manage [escalation policies](../operations/incident_management/escalation_policies.md) | | | | | ✓ | ✓ | |
+| Manage [on-call schedules](../operations/incident_management/oncall_schedules.md) | | | | | ✓ | ✓ | |
### Project planning
Project permissions for [issues](project/issues/index.md):
-| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
-|-----------------------------------------------------------------------|:-----:|:--------:|:---------:|:----------:|:-----:|-------|
-| View issues | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Create issues | ✓ | ✓ | ✓ | ✓ | ✓ | Authors and assignees can modify the title and description even if they don't have the Reporter role. |
-| View [confidential issues](project/issues/confidential_issues.md) | | ✓ | ✓ | ✓ | ✓ | |
-| Update metadata on issues | | ✓ | ✓ | ✓ | ✓ | Metadata includes labels, assignees, milestones, epics, weight, confidentiality, time tracking, and more.
Guest users can only set metadata when creating an issue. They cannot change the metadata on existing issues. |
-| Close / reopen issues | | ✓ | ✓ | ✓ | ✓ | Authors and assignees can close and reopen issues even if they don't have the Reporter role. |
-| Manage [design management](project/issues/design_management.md) files | | ✓ | ✓ | ✓ | ✓ | |
-| Manage [issue boards](project/issue_board.md) | | ✓ | ✓ | ✓ | ✓ | |
-| Manage [milestones](project/milestones/index.md) | | ✓ | ✓ | ✓ | ✓ | |
-| Archive or reopen [requirements](project/requirements/index.md) | | ✓ | ✓ | ✓ | ✓ | Authors and assignees can archive and re-open even if they don't have the Reporter role. |
-| Create or edit [requirements](project/requirements/index.md) | | ✓ | ✓ | ✓ | ✓ | Authors and assignees can modify the title and description even if they don't have the Reporter role.|
-| Import or export [requirements](project/requirements/index.md) | | ✓ | ✓ | ✓ | ✓ | |
-| Archive [test cases](../ci/test_cases/index.md) | | ✓ | ✓ | ✓ | ✓ | |
-| Create [test cases](../ci/test_cases/index.md) | | ✓ | ✓ | ✓ | ✓ | |
-| Move [test cases](../ci/test_cases/index.md) | | ✓ | ✓ | ✓ | ✓ | |
-| Reopen [test cases](../ci/test_cases/index.md) | | ✓ | ✓ | ✓ | ✓ | |
-| Manage [Feature flags](../operations/feature_flags.md) | | | ✓ | ✓ | ✓ | |
-| Delete issues | | | | | ✓ | |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+| --------------------------------------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: | :---: |
+| View issues | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Create issues | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Authors and assignees can modify the title and description even if they don't have the Reporter role. |
+| View [confidential issues](project/issues/confidential_issues.md) | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Update metadata on issues | | ✓ | ✓ | ✓ | ✓ | ✓ | Metadata includes labels, assignees, milestones, epics, weight, confidentiality, time tracking, and more.
Guest users can only set metadata when creating an issue. They cannot change the metadata on existing issues. |
+| Add internal note | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Close / reopen issues | | ✓ | ✓ | ✓ | ✓ | ✓ | Authors and assignees can close and reopen issues even if they don't have the Reporter role. |
+| Manage [design management](project/issues/design_management.md) files | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Manage [issue boards](project/issue_board.md) | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Manage [milestones](project/milestones/index.md) | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Archive or reopen [requirements](project/requirements/index.md) | | ✓ | ✓ | ✓ | ✓ | ✓ | Authors and assignees can archive and re-open even if they don't have the Reporter role. |
+| Create or edit [requirements](project/requirements/index.md) | | ✓ | ✓ | ✓ | ✓ | ✓ | Authors and assignees can modify the title and description even if they don't have the Reporter role. |
+| Import or export [requirements](project/requirements/index.md) | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Archive [test cases](../ci/test_cases/index.md) | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Create [test cases](../ci/test_cases/index.md) | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Move [test cases](../ci/test_cases/index.md) | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Reopen [test cases](../ci/test_cases/index.md) | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Manage [Feature flags](../operations/feature_flags.md) | | | | ✓ | ✓ | ✓ | |
+| Delete issues | | ✓ | | | | ✓ | |
Project permissions for [tasks](tasks.md):
-| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
-|-------------------|:-----:|:--------:|:---------:|:----------:|:-----:|-------|
-| View tasks | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Create tasks | ✓ | ✓ | ✓ | ✓ | ✓ | Guest users can create tasks for issues they authored. Authors and assignees can modify the title and description even if they don't have the Reporter role. |
-| Add a linked item | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Remove from issue | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Edit tasks | | ✓ | ✓ | ✓ | ✓ | |
-| Delete tasks | | | | | ✓ | Authors of tasks can delete them even if they don't have the Owner role. |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+| ----------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
+| View tasks | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Create tasks | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Guest users can create tasks for issues they authored. Authors and assignees can modify the title and description even if they don't have the Reporter role. |
+| Add a linked item | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Remove from issue | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Edit tasks | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Add internal note | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Delete tasks | | ✓ | | | | ✓ | Authors of tasks can delete them even if they don't have the Owner role. |
Project permissions for [OKRs](okrs.md):
-| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
-|-------------------------------|:-----:|:--------:|:---------:|:----------:|:-----:|-------|
-| View OKRs | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Create OKRs | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Add a child OKR | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Add a linked item | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Edit OKRs | | ✓ | ✓ | ✓ | ✓ | |
-| Change confidentiality in OKR | | ✓ | ✓ | ✓ | ✓ | |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+| ----------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
+| View OKRs | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Create OKRs | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Add a child OKR | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Add a linked item | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Edit OKRs | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Change confidentiality in OKR | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Add internal note | | ✓ | ✓ | ✓ | ✓ | ✓ | |
Project permissions for [wikis](project/wiki/index.md):
-| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
-| ----------------- | :---: | :------: | :-------: | :--------: | :---: | ----- |
-| View wiki | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Create wiki pages | | | ✓ | ✓ | ✓ | |
-| Edit wiki pages | | | ✓ | ✓ | ✓ | |
-| Delete wiki pages | | | ✓ | ✓ | ✓ | |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+| ----------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
+| View wiki | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Create wiki pages | | ✓ | | ✓ | ✓ | ✓ | |
+| Edit wiki pages | | ✓ | | ✓ | ✓ | ✓ | |
+| Delete wiki pages | | ✓ | | ✓ | ✓ | ✓ | |
### Packages and registry
Project permissions for [container registry](../user/packages/index.md):
-| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
-|-------------------------------------------|:-----:|:--------:|:---------:|:----------:|:-----:|-------|
-| Pull an image from the container registry | ✓ | ✓ | ✓ | ✓ | ✓ | The ability to view the container registry and pull images is controlled by the [container registry's visibility permissions](packages/container_registry/index.md#container-registry-visibility-permissions). |
-| Push an image to the container registry | | | ✓ | ✓ | ✓ | |
-| Delete a container registry image | | | ✓ | ✓ | ✓ | |
-| Manage cleanup policies | | | | ✓ | ✓ | |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+| ----------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
+| Pull an image from the container registry | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | The ability to view the container registry and pull images is controlled by the [container registry's visibility permissions](packages/container_registry/index.md#container-registry-visibility-permissions). |
+| Push an image to the container registry | | | | ✓ | ✓ | ✓ | |
+| Delete a container registry image | | | | ✓ | ✓ | ✓ | |
+| Manage cleanup policies | | | | | ✓ | ✓ | |
Project permissions for [package registry](../user/packages/index.md):
-| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
-|-----------------------------------------|:-----:|:--------:|:---------:|:----------:|:-----:|-------|
-| Pull a package | ✓ | ✓ | ✓ | ✓ | ✓ | On self-managed GitLab instances, users with the Guest role are able to perform this action only on public and internal projects (not on private projects). [External users](../administration/external_users.md) must be given explicit access (at least the **Reporter** role) even if the project is internal. Users with the Guest role on GitLab.com are only able to perform this action on public projects because internal visibility is not available. |
-| Publish a package | | | ✓ | ✓ | ✓ | |
-| Delete a package | | | | ✓ | ✓ | |
-| Delete a file associated with a package | | | | ✓ | ✓ | |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+| --------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
+| Pull a package | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | On self-managed GitLab instances, users with the Guest role are able to perform this action only on public and internal projects (not on private projects). [External users](../administration/external_users.md) must be given explicit access (at least the **Reporter** role) even if the project is internal. Users with the Guest role on GitLab.com are only able to perform this action on public projects because internal visibility is not available. |
+| Publish a package | | | | ✓ | ✓ | ✓ | |
+| Delete a package | | | | | ✓ | ✓ | |
+| Delete a file associated with a package | | | | | ✓ | ✓ | |
### Projects
Project permissions for [project features](project/organize_work_with_projects.md):
-| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
-|---------------------------------------------------------------------------|:-----:|:--------:|:---------:|:----------:|:-----:|-------|
-| Download project | ✓ | ✓ | ✓ | ✓ | ✓ | On self-managed GitLab instances, users with the Guest role are able to perform this action only on public and internal projects (not on private projects). [External users](../administration/external_users.md) must be given explicit access (at least the **Reporter** role) even if the project is internal. Users with the Guest role on GitLab.com are only able to perform this action on public projects because internal visibility is not available. |
-| Leave comments | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Reposition comments on images (posted by any user) | ✓ | ✓ | ✓ | ✓ | ✓ | Applies only to comments on [Design Management](project/issues/design_management.md) designs. |
-| View [Insights](project/insights/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| View [Requirements](project/requirements/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| View [time tracking](project/time_tracking.md) reports | ✓ | ✓ | ✓ | ✓ | ✓ | On self-managed GitLab instances, users with the Guest role are able to perform this action only on public and internal projects (not on private projects). [External users](../administration/external_users.md) must be given explicit access (at least the **Reporter** role) even if the project is internal. Users with the Guest role on GitLab.com are only able to perform this action on public projects because internal visibility is not available. |
-| View [snippets](snippets.md) | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| View [project traffic statistics](../api/project_statistics.md) | | ✓ | ✓ | ✓ | ✓ | |
-| Create [snippets](snippets.md) | | ✓ | ✓ | ✓ | ✓ | |
-| View [releases](project/releases/index.md) | | | ✓ | ✓ | ✓ | Guest users can access GitLab [**Releases**](project/releases/index.md) for downloading assets but are not allowed to download the source code nor see [repository information like commits and release evidence](project/releases/index.md#view-a-release-and-download-assets). |
-| Manage [releases](project/releases/index.md) | | | | ✓ | ✓ | If the [tag is protected](project/protected_tags.md), this depends on the access given to Developers and Maintainers. |
-| Configure [webhooks](project/integrations/webhooks.md) | | | | ✓ | ✓ | |
-| Manage [project access tokens](project/settings/project_access_tokens.md) | | | | ✓ | ✓ | For self-managed GitLab, project access tokens are available in all tiers. For GitLab.com, project access tokens are supported in the Premium and Ultimate tier (excluding [trial licenses](https://about.gitlab.com/free-trial/)). |
-| [Export project](project/settings/import_export.md) | | | | ✓ | ✓ | |
-| Rename project | | | | ✓ | ✓ | |
-| Edit project badges | | | | ✓ | ✓ | |
-| Edit project settings | | | | ✓ | ✓ | |
-| Change [project features visibility](public_access.md) level | | | | ✓ | ✓ | A Maintainer or Owner can't change project features visibility level if [project visibility](public_access.md) is set to private. |
-| Edit comments (posted by any user) | | | | ✓ | ✓ | |
-| Add [deploy keys](project/deploy_keys/index.md) | | | | ✓ | ✓ | |
-| Manage [Project Operations](../operations/index.md) | | | | ✓ | ✓ | |
-| View [Usage Quotas](storage_usage_quotas.md) page | | | | ✓ | ✓ | |
-| Globally delete [snippets](snippets.md) | | | | ✓ | ✓ | |
-| Globally edit [snippets](snippets.md) | | | | ✓ | ✓ | |
-| Archive project | | | | | ✓ | |
-| Change project visibility level | | | | | ✓ | |
-| Delete project | | | | | ✓ | |
-| Disable notification emails | | | | | ✓ | |
-| Transfer project | | | | | ✓ | |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+| ------------------------------------------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
+| Download project | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | On self-managed GitLab instances, users with the Guest role are able to perform this action only on public and internal projects (not on private projects). [External users](../administration/external_users.md) must be given explicit access (at least the **Reporter** role) even if the project is internal. Users with the Guest role on GitLab.com are only able to perform this action on public projects because internal visibility is not available. |
+| Leave comments | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Reposition comments on images (posted by any user) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Applies only to comments on [Design Management](project/issues/design_management.md) designs. |
+| View [Insights](project/insights/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| View [Requirements](project/requirements/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| View [time tracking](project/time_tracking.md) reports | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | On self-managed GitLab instances, users with the Guest role are able to perform this action only on public and internal projects (not on private projects). [External users](../administration/external_users.md) must be given explicit access (at least the **Reporter** role) even if the project is internal. Users with the Guest role on GitLab.com are only able to perform this action on public projects because internal visibility is not available. |
+| View [snippets](snippets.md) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| View [project traffic statistics](../api/project_statistics.md) | | | ✓ | ✓ | ✓ | ✓ | |
+| Create [snippets](snippets.md) | | | ✓ | ✓ | ✓ | ✓ | |
+| View [releases](project/releases/index.md) | | ✓ | | ✓ | ✓ | ✓ | Guest users can access GitLab [**Releases**](project/releases/index.md) for downloading assets but are not allowed to download the source code nor see [repository information like commits and release evidence](project/releases/index.md#view-a-release-and-download-assets). |
+| Manage [releases](project/releases/index.md) | | | | | ✓ | ✓ | If the [tag is protected](project/protected_tags.md), this depends on the access given to Developers and Maintainers. |
+| Configure [webhooks](project/integrations/webhooks.md) | | | | | ✓ | ✓ | |
+| Manage [project access tokens](project/settings/project_access_tokens.md) | | | | | ✓ | ✓ | For self-managed GitLab, project access tokens are available in all tiers. For GitLab.com, project access tokens are supported in the Premium and Ultimate tier (excluding [trial licenses](https://about.gitlab.com/free-trial/)). |
+| [Export project](project/settings/import_export.md) | | | | | ✓ | ✓ | |
+| Rename project | | | | | ✓ | ✓ | |
+| Edit project badges | | | | | ✓ | ✓ | |
+| Edit project settings | | | | | ✓ | ✓ | |
+| Change [project features visibility](public_access.md) level | | | | | ✓ | ✓ | A Maintainer or Owner can't change project features visibility level if [project visibility](public_access.md) is set to private. |
+| Edit comments (posted by any user) | | | | | ✓ | ✓ | |
+| Add [deploy keys](project/deploy_keys/index.md) | | | | | ✓ | ✓ | |
+| Manage [Project Operations](../operations/index.md) | | | | | ✓ | ✓ | |
+| View [Usage Quotas](storage_usage_quotas.md) page | | | | | ✓ | ✓ | |
+| Globally delete [snippets](snippets.md) | | | | | ✓ | ✓ | |
+| Globally edit [snippets](snippets.md) | | | | | ✓ | ✓ | |
+| Archive project | | | | | | ✓ | |
+| Change project visibility level | | | | | | ✓ | |
+| Delete project | | | | | | ✓ | |
+| Disable notification emails | | | | | | ✓ | |
+| Transfer project | | | | | | ✓ | |
Project permissions for [GitLab Pages](project/pages/index.md):
-| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
-|-----------------------------------------------------------------------------------------|:-----:|:--------:|:---------:|:----------:|:-----:|-------|
-| View GitLab Pages protected by [access control](project/pages/pages_access_control.md) | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Manage GitLab Pages | | | | ✓ | ✓ | |
-| Manage GitLab Pages domain and certificates | | | | ✓ | ✓ | |
-| Remove GitLab Pages | | | | ✓ | ✓ | |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+| -------------------------------------------------------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
+| View GitLab Pages protected by [access control](project/pages/pages_access_control.md) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Manage GitLab Pages | | | | | ✓ | ✓ | |
+| Manage GitLab Pages domain and certificates | | | | | ✓ | ✓ | |
+| Remove GitLab Pages | | | | | ✓ | ✓ | |
### Repository
Project permissions for [repository](project/repository/index.md) features including source code, branches, push rules, and more:
-| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
-|-----------------------------------------------------------------------|:-----:|:--------:|:---------:|:----------:|:-----:|-------|
-| View project code | ✓ | ✓ | ✓ | ✓ | ✓ | On self-managed GitLab instances, users with the Guest role are able to perform this action only on public and internal projects (not on private projects). [External users](../administration/external_users.md) must be given explicit access (at least the **Reporter** role) even if the project is internal. Users with the Guest role on GitLab.com are only able to perform this action on public projects because internal visibility is not available. In GitLab 15.9 and later, users with the Guest role and an Ultimate license can view private repository content if an administrator (on self-managed or GitLab Dedicated) or group owner (on GitLab.com) gives those users permission. The administrator or group owner can create a [custom role](custom_roles.md) through the API or UI and assign that role to the users. |
-| Pull project code | ✓ | ✓ | ✓ | ✓ | ✓ | On self-managed GitLab instances, users with the Guest role are able to perform this action only on public and internal projects (not on private projects). [External users](../administration/external_users.md) must be given explicit access (at least the **Reporter** role) even if the project is internal. Users with the Guest role on GitLab.com are only able to perform this action on public projects because internal visibility is not available. |
-| View commit status | | ✓ | ✓ | ✓ | ✓ | |
-| Create commit status | | | ✓ | ✓ | ✓ | If the [branch is protected](project/repository/branches/protected.md), this depends on the access given to Developers and Maintainers. |
-| Update commit status | | | ✓ | ✓ | ✓ | If the [branch is protected](project/repository/branches/protected.md), this depends on the access given to Developers and Maintainers. |
-| Create [Git tags](project/repository/tags/index.md) | | | ✓ | ✓ | ✓ | |
-| Delete [Git tags](project/repository/tags/index.md) | | | ✓ | ✓ | ✓ | |
-| Create new [branches](project/repository/branches/index.md) | | | ✓ | ✓ | ✓ | |
-| Delete non-protected branches | | | ✓ | ✓ | ✓ | |
-| Force push to non-protected branches | | | ✓ | ✓ | ✓ | |
-| Push to non-protected branches | | | ✓ | ✓ | ✓ | |
-| Manage [protected branches](project/repository/branches/protected.md) | | | | ✓ | ✓ | |
-| Delete protected branches | | | | ✓ | ✓ | |
-| Push to protected branches | | | | ✓ | ✓ | If the [branch is protected](project/repository/branches/protected.md), this depends on the access given to Developers and Maintainers. |
-| Manage [protected tags](project/protected_tags.md) | | | | ✓ | ✓ | |
-| Manage [push rules](project/repository/push_rules.md) | | | | ✓ | ✓ | |
-| Remove fork relationship | | | | | ✓ | |
-| Force push to protected branches | | | | | | Not allowed for Guest, Reporter, Developer, Maintainer, or Owner. See [protected branches](project/repository/branches/protected.md#allow-force-push-on-a-protected-branch). |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+| --------------------------------------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
+| View project code | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | On self-managed GitLab instances, users with the Guest role are able to perform this action only on public and internal projects (not on private projects). [External users](../administration/external_users.md) must be given explicit access (at least the **Reporter** role) even if the project is internal. Users with the Guest role on GitLab.com are only able to perform this action on public projects because internal visibility is not available. In GitLab 15.9 and later, users with the Guest role and an Ultimate license can view private repository content if an administrator (on self-managed or GitLab Dedicated) or group owner (on GitLab.com) gives those users permission. The administrator or group owner can create a [custom role](custom_roles.md) through the API or UI and assign that role to the users. |
+| Pull project code | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | On self-managed GitLab instances, users with the Guest role are able to perform this action only on public and internal projects (not on private projects). [External users](../administration/external_users.md) must be given explicit access (at least the **Reporter** role) even if the project is internal. Users with the Guest role on GitLab.com are only able to perform this action on public projects because internal visibility is not available. |
+| View commit status | | | ✓ | ✓ | ✓ | ✓ | |
+| Create commit status | | | | ✓ | ✓ | ✓ | If the [branch is protected](project/repository/branches/protected.md), this depends on the access given to Developers and Maintainers. |
+| Update commit status | | | | ✓ | ✓ | ✓ | If the [branch is protected](project/repository/branches/protected.md), this depends on the access given to Developers and Maintainers. |
+| Create [Git tags](project/repository/tags/index.md) | | | | ✓ | ✓ | ✓ | |
+| Delete [Git tags](project/repository/tags/index.md) | | | | ✓ | ✓ | ✓ | |
+| Create new [branches](project/repository/branches/index.md) | | | | ✓ | ✓ | ✓ | |
+| Delete non-protected branches | | | | ✓ | ✓ | ✓ | |
+| Force push to non-protected branches | | | | ✓ | ✓ | ✓ | |
+| Push to non-protected branches | | | | ✓ | ✓ | ✓ | |
+| Manage [protected branches](project/repository/branches/protected.md) | | | | | ✓ | ✓ | |
+| Delete protected branches | | | | | ✓ | ✓ | |
+| Push to protected branches | | | | | ✓ | ✓ | If the [branch is protected](project/repository/branches/protected.md), this depends on the access given to Developers and Maintainers. |
+| Manage [protected tags](project/protected_tags.md) | | | | | ✓ | ✓ | |
+| Manage [push rules](project/repository/push_rules.md) | | | | | ✓ | ✓ | |
+| Remove fork relationship | | | | | | ✓ | |
+| Force push to protected branches | | | | | | | Not allowed for Guest, Reporter, Developer, Maintainer, or Owner. See [protected branches](project/repository/branches/protected.md#allow-force-push-on-a-protected-branch). |
Project permissions for [merge requests](project/merge_requests/index.md):
-| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
-|--------------------------------------------------------------------------------------------------------------|:-----:|:--------:|:---------:|:----------:|:-----:|-------|
-| [View](project/merge_requests/index.md#view-merge-requests) a merge request | ✓ | ✓ | ✓ | ✓ | ✓ | On self-managed GitLab instances, users with the Guest role are able to perform this action only on public and internal projects (not on private projects). [External users](../administration/external_users.md) must be given explicit access (at least the **Reporter** role) even if the project is internal. Users with the Guest role on GitLab.com are only able to perform this action on public projects because internal visibility is not available. |
-| Create [snippets](snippets.md) | | ✓ | ✓ | ✓ | ✓ | |
-| Create [merge request](project/merge_requests/creating_merge_requests.md) | | | ✓ | ✓ | ✓ | In projects that accept contributions from external members, users can create, edit, and close their own merge requests. For **private** projects, this excludes the Guest role as those users [cannot clone private projects](public_access.md#private-projects-and-groups). For **internal** projects, includes users with read-only access to the project, as [they can clone internal projects](public_access.md#internal-projects-and-groups). |
-| Update merge request including assign, review, Code Suggestions, approve, labels, lock and resolve threads | | | ✓ | ✓ | ✓ | For information on eligible approvers for merge requests, see [Eligible approvers](project/merge_requests/approvals/rules.md#eligible-approvers). |
-| Manage [merge request settings](project/merge_requests/approvals/settings.md) | | | | ✓ | ✓ | |
-| Manage [merge request approval rules](project/merge_requests/approvals/rules.md) | | | | ✓ | ✓ | |
-| Delete merge request | | | | | ✓ | |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+| ---------------------------------------------------------------------------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
+| [View](project/merge_requests/index.md#view-merge-requests) a merge request | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | On self-managed GitLab instances, users with the Guest role are able to perform this action only on public and internal projects (not on private projects). [External users](../administration/external_users.md) must be given explicit access (at least the **Reporter** role) even if the project is internal. Users with the Guest role on GitLab.com are only able to perform this action on public projects because internal visibility is not available. |
+| Create [snippets](snippets.md) | | | ✓ | ✓ | ✓ | ✓ | |
+| Create [merge request](project/merge_requests/creating_merge_requests.md) | | | | ✓ | ✓ | ✓ | In projects that accept contributions from external members, users can create, edit, and close their own merge requests. For **private** projects, this excludes the Guest role as those users [cannot clone private projects](public_access.md#private-projects-and-groups). For **internal** projects, includes users with read-only access to the project, as [they can clone internal projects](public_access.md#internal-projects-and-groups). |
+| Update merge request including assign, review, Code Suggestions, approve, labels, lock and resolve threads | | | | ✓ | ✓ | ✓ | For information on eligible approvers for merge requests, see [Eligible approvers](project/merge_requests/approvals/rules.md#eligible-approvers). |
+| Manage [merge request settings](project/merge_requests/approvals/settings.md) | | | | | ✓ | ✓ | |
+| Manage [merge request approval rules](project/merge_requests/approvals/rules.md) | | | | | ✓ | ✓ | |
+| Add internal note | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Delete merge request | | | | | | ✓ | |
### User management
Project permissions for [user management](project/members/index.md).
-| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
-|-------------------------------------------------|:-----:|:--------:|:---------:|:----------:|:-----:|-------|
-| Manage [team members](project/members/index.md) | | | | ✓ | ✓ | Maintainers cannot create, demote, or remove Owners, and they cannot promote users to the Owner role. They also cannot approve Owner role access requests. |
-| Share (invite) projects with groups | | | | ✓ | ✓ | When [Share Group Lock](project/members/sharing_projects_groups.md#prevent-a-project-from-being-shared-with-groups) is enabled the project can't be shared with other groups. It does not affect group with group sharing. |
-| View 2FA status of members | | | | ✓ | ✓ | |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+| ----------------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
+| Manage [team members](project/members/index.md) | | | | | ✓ | ✓ | Maintainers cannot create, demote, or remove Owners, and they cannot promote users to the Owner role. They also cannot approve Owner role access requests. |
+| Share (invite) projects with groups | | | | | ✓ | ✓ | When [Share Group Lock](project/members/sharing_projects_groups.md#prevent-a-project-from-being-shared-with-groups) is enabled the project can't be shared with other groups. It does not affect group with group sharing. |
+| View 2FA status of members | | | | | ✓ | ✓ | |
### GitLab Duo
Project permissions for [GitLab Duo](gitlab_duo/index.md):
-| Action | Non-member | Guest | Reporter | Developer | Maintainer | Owner | Notes |
-| -------------------------------------------------------------------------------------- | ---------- | ----- | -------- | --------- | ---------- | ----- | ----- |
-| Use Duo features | | ✓ | ✓ | ✓ | ✓ | ✓ | Code Suggestions requires a [user being assigned a seat to gain access to a Duo add-on](../subscriptions/subscription-add-ons.md#assign-gitlab-duo-seats). |
-| Configure [Duo feature availability](gitlab_duo/turn_on_off.md#turn-off-for-a-project) | | | | | ✓ | ✓ | |
+| Action | Non-member | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+| -------------------------------------------------------------------------------------- | ---------- | ----- | ------- | -------- | --------- | ---------- | ----- | ----- |
+| Use Duo features | | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Code Suggestions requires a [user being assigned a seat to gain access to a Duo add-on](../subscriptions/subscription-add-ons.md#assign-gitlab-duo-seats). |
+| Configure [Duo feature availability](gitlab_duo/turn_on_off.md#turn-off-for-a-project) | | | | | | ✓ | ✓ | |
## Group members permissions
@@ -404,177 +409,178 @@ The following table lists group permissions available for each role:
Group permission for [analytics](../user/analytics/index.md) features including value streams, product analytics, and insights:
-| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
-|-----------------------------------------------------------------------------------------|:-----:|:--------:|:---------:|:----------:|:-----:|-------|
-| View [Insights](project/insights/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| View [Insights](project/insights/index.md) charts | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| View [Issue analytics](group/issues_analytics/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| View Contribution analytics | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| View value stream analytics | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| View [Productivity analytics](analytics/productivity_analytics.md) | | ✓ | ✓ | ✓ | ✓ | |
-| View [Group DevOps Adoption](group/devops_adoption/index.md) | | ✓ | ✓ | ✓ | ✓ | |
-| View metrics dashboard annotations | | ✓ | ✓ | ✓ | ✓ | |
-| Create/edit/delete metrics dashboard annotations | | | ✓ | ✓ | ✓ | |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+| ------------------------------------------------------------------ | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
+| View [Insights](project/insights/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| View [Insights](project/insights/index.md) charts | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| View [Issue analytics](group/issues_analytics/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| View Contribution analytics | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| View value stream analytics | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| View [Productivity analytics](analytics/productivity_analytics.md) | | | ✓ | ✓ | ✓ | ✓ | |
+| View [Group DevOps Adoption](group/devops_adoption/index.md) | | | ✓ | ✓ | ✓ | ✓ | |
+| View metrics dashboard annotations | | | ✓ | ✓ | ✓ | ✓ | |
+| Create/edit/delete metrics dashboard annotations | | | | ✓ | ✓ | ✓ | |
### Application security group permissions
Group permissions for [Application Security](application_security/secure_your_application.md) features including dependency management, security analyzers, security policies, and vulnerability management.
-| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
-|------------------------------------------------------------------------------------|:-----:|:--------:|:---------:|:----------:|:-----:|-------|
-| View [dependency list](application_security/dependency_list/index.md) | | | ✓ | ✓ | ✓ | |
-| View [vulnerability report](application_security/vulnerability_report/index.md) | | | ✓ | ✓ | ✓ | |
-| View [security dashboard](application_security/security_dashboard/index.md) | | | ✓ | ✓ | ✓ | |
-| Create [security policy project](application_security/policies/index.md) | | | | | ✓ | |
-| Assign [security policy project](application_security/policies/index.md) | | | | | ✓ | |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+| ------------------------------------------------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
+| View [dependency list](application_security/dependency_list/index.md) | | | | ✓ | ✓ | ✓ | |
+| View [vulnerability report](application_security/vulnerability_report/index.md) | | | | ✓ | ✓ | ✓ | |
+| View [security dashboard](application_security/security_dashboard/index.md) | | | | ✓ | ✓ | ✓ | |
+| Create [security policy project](application_security/policies/index.md) | | | | | | ✓ | |
+| Assign [security policy project](application_security/policies/index.md) | | | | | | ✓ | |
### CI/CD group permissions
Group permissions for [CI/CD](../ci/index.md) features including runners, variables, and protected environments:
-| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
-|---------------------------------------|:-----:|:--------:|:---------:|:----------:|:-----:|-------|
-| View group runners | | | | ✓ | ✓ | |
-| Manage group-level Kubernetes cluster | | | | ✓ | ✓ | |
-| Manage group runners | | | | | ✓ | |
-| Manage group level CI/CD variables | | | | | ✓ | |
-| Manage group protected environments | | | | | ✓ | |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+| ------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
+| View group runners | | | | | ✓ | ✓ | |
+| Manage group-level Kubernetes cluster | | | | | ✓ | ✓ | |
+| Manage group runners | | | | | | ✓ | |
+| Manage group level CI/CD variables | | | | | | ✓ | |
+| Manage group protected environments | | | | | | ✓ | |
### Compliance group permissions
Group permissions for [compliance](compliance/index.md) features including compliance center, audit events, compliance frameworks, and licenses.
-| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
-|---------------------------------------------------------------------------------------|:-----:|:--------:|:---------:|:----------:|:-----:|-------|
-| View [audit events](compliance/audit_events.md) | | | ✓ | ✓ | ✓ | Users can view only events based on their individual actions. For more details, see the [prerequisites](compliance/audit_events.md#prerequisites). |
-| View licenses in the [dependency list](application_security/dependency_list/index.md) | | | ✓ | ✓ | ✓ | |
-| View the [compliance center](compliance/compliance_center/index.md) | | | | | ✓ | |
-| Manage [compliance frameworks](group/compliance_frameworks.md) | | | | | ✓ | |
-| Assign [compliance frameworks](group/compliance_frameworks.md) to projects | | | | | ✓ | |
-| Manage [audit streams](compliance/audit_event_streaming.md) | | | | | ✓ | |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+| ------------------------------------------------------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
+| View [audit events](compliance/audit_events.md) | | | | ✓ | ✓ | ✓ | Users can view only events based on their individual actions. For more details, see the [prerequisites](compliance/audit_events.md#prerequisites). |
+| View licenses in the [dependency list](application_security/dependency_list/index.md) | | | | ✓ | ✓ | ✓ | |
+| View the [compliance center](compliance/compliance_center/index.md) | | | | | | ✓ | |
+| Manage [compliance frameworks](group/compliance_frameworks.md) | | | | | | ✓ | |
+| Assign [compliance frameworks](group/compliance_frameworks.md) to projects | | | | | | ✓ | |
+| Manage [audit streams](compliance/audit_event_streaming.md) | | | | | | ✓ | |
### GitLab Duo group permissions
Group permissions for [GitLab Duo](../user/gitlab_duo/index.md):
-| Action | Non-member | Guest | Reporter | Developer | Maintainer | Owner | Notes |
-| --------------------------------------------------------------------------------------------------------- | ---------- | ----- | -------- | --------- | ---------- | ----- | ----- |
-| Use Duo features | | | ✓ | ✓ | ✓ | ✓ | Requires [user being assigned a seat to gain access to a Duo add-on](../subscriptions/subscription-add-ons.md#assign-gitlab-duo-seats). |
-| Configure [Duo feature availability](gitlab_duo/turn_on_off.md#turn-off-for-a-group) | | | | | ✓ | ✓ | |
-| Configure [self-hosted models](../administration/self_hosted_models/configure_duo_features.md) | | | | | | ✓ | |
-| Enable [beta and experimental features](gitlab_duo/turn_on_off.md#turn-on-beta-and-experimental-features) | | | | | | ✓ | |
-| Purchase [Duo seats](../subscriptions/subscription-add-ons.md#purchase-additional-gitlab-duo-seats) | | | | | | ✓ | |
+| Action | Non-member | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+| --------------------------------------------------------------------------------------------------------- | :--------: | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
+| Use Duo features | | | | ✓ | ✓ | ✓ | ✓ | Requires [user being assigned a seat to gain access to a Duo add-on](../subscriptions/subscription-add-ons.md#assign-gitlab-duo-seats). |
+| Configure [Duo feature availability](gitlab_duo/turn_on_off.md#turn-off-for-a-group) | | | | | | ✓ | ✓ | |
+| Configure [self-hosted models](../administration/self_hosted_models/configure_duo_features.md) | | | | | | | ✓ | |
+| Enable [beta and experimental features](gitlab_duo/turn_on_off.md#turn-on-beta-and-experimental-features) | | | | | | | ✓ | |
+| Purchase [Duo seats](../subscriptions/subscription-add-ons.md#purchase-additional-gitlab-duo-seats) | | | | | | | ✓ | |
### Groups group permissions
Group permissions for [group features](../user/group/index.md):
-| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
-|--------------------------------------------------------------------------------------------|-------|----------|-----------|------------|-------|-------|
-| Browse group | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Create project in group | | | ✓ | ✓ | ✓ | Developers, Maintainers and Owners: Only if the project creation role is set at the [instance level](../administration/settings/visibility_and_access_controls.md#define-which-roles-can-create-projects) or the [group level](group/index.md#specify-who-can-add-projects-to-a-group).
Developers: Developers can push commits to the default branch of a new project only if the [default branch protection](group/manage.md#change-the-default-branch-protection-of-a-group) is set to "Partially protected" or "Not protected". |
-| View group [audit events](compliance/audit_events.md) | | | ✓ | ✓ | ✓ | Developers and Maintainers can only view events based on their individual actions. For more details, see the [prerequisites](compliance/audit_events.md#prerequisites). |
-| Create subgroup | | | | ✓ | ✓ | Maintainers: Only if users with the Maintainer role [can create subgroups](group/subgroups/index.md#change-who-can-create-subgroups). |
-| Edit [epic](group/epics/index.md) comments (posted by any user) | | | | ✓ | ✓ | |
-| Fork project into a group | | | | ✓ | ✓ | |
-| View [Billing](../subscriptions/gitlab_com/index.md#view-gitlabcom-subscription) | | | | | ✓ | Does not apply to subgroups |
-| View group [Usage Quotas](storage_usage_quotas.md) page | | | | | ✓ | Does not apply to subgroups |
-| [Migrate group](group/import/index.md) | | | | | ✓ | |
-| Delete group | | | | | ✓ | |
-| Manage [subscriptions, storage, and compute minutes](../subscriptions/gitlab_com/index.md) | | | | | ✓ | |
-| Manage [group access tokens](group/settings/group_access_tokens.md) | | | | | ✓ | |
-| Change group visibility level | | | | | ✓ | |
-| Edit group settings | | | | | ✓ | |
-| Configure project templates | | | | | ✓ | |
-| Configure [SAML SSO](group/saml_sso/index.md) | | | | | ✓ | Does not apply to subgroups |
-| Disable notification emails | | | | | ✓ | |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+| ------------------------------------------------------------------------------------------ | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
+| Browse group | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Create project in group | | | | ✓ | ✓ | ✓ | Developers, Maintainers and Owners: Only if the project creation role is set at the [instance level](../administration/settings/visibility_and_access_controls.md#define-which-roles-can-create-projects) or the [group level](group/index.md#specify-who-can-add-projects-to-a-group).
Developers: Developers can push commits to the default branch of a new project only if the [default branch protection](group/manage.md#change-the-default-branch-protection-of-a-group) is set to "Partially protected" or "Not protected". |
+| View group [audit events](compliance/audit_events.md) | | | | ✓ | ✓ | ✓ | Developers and Maintainers can only view events based on their individual actions. For more details, see the [prerequisites](compliance/audit_events.md#prerequisites). |
+| Create subgroup | | | | | ✓ | ✓ | Maintainers: Only if users with the Maintainer role [can create subgroups](group/subgroups/index.md#change-who-can-create-subgroups). |
+| Edit [epic](group/epics/index.md) comments (posted by any user) | | ✓ | | | ✓ | ✓ | |
+| Fork project into a group | | | | | ✓ | ✓ | |
+| View [Billing](../subscriptions/gitlab_com/index.md#view-gitlabcom-subscription) | | | | | | ✓ | Does not apply to subgroups |
+| View group [Usage Quotas](storage_usage_quotas.md) page | | | | | | ✓ | Does not apply to subgroups |
+| [Migrate group](group/import/index.md) | | | | | | ✓ | |
+| Delete group | | | | | | ✓ | |
+| Manage [subscriptions, storage, and compute minutes](../subscriptions/gitlab_com/index.md) | | | | | | ✓ | |
+| Manage [group access tokens](group/settings/group_access_tokens.md) | | | | | | ✓ | |
+| Change group visibility level | | | | | | ✓ | |
+| Edit group settings | | | | | | ✓ | |
+| Configure project templates | | | | | | ✓ | |
+| Configure [SAML SSO](group/saml_sso/index.md) | | | | | | ✓ | Does not apply to subgroups |
+| Disable notification emails | | | | | | ✓ | |
### Project planning group permissions
Group permissions for project planning features including iterations, milestones, and labels:
-| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
-|-------------------------|:-----:|:--------:|:---------:|:----------:|:-----:|-------|
-| Manage group labels | | ✓ | ✓ | ✓ | ✓ | |
-| Manage group milestones | | ✓ | ✓ | ✓ | ✓ | |
-| Manage iterations | | ✓ | ✓ | ✓ | ✓ | |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+| ----------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
+| Manage group labels | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Manage group milestones | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Manage iterations | | ✓ | ✓ | ✓ | ✓ | ✓ | |
Group permissions for [epics](group/epics/index.md):
-| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
-|:------------------------------------------------------------------------------|:------|:---------|:----------|:-----------|:------|:------|
-| View epic | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Create epic | | ✓ | ✓ | ✓ | ✓ | |
-| Edit epic | | ✓ | ✓ | ✓ | ✓ | |
-| Delete epic | | | | | ✓ | |
-| Manage [epic boards](group/epics/epic_boards.md) | | ✓ | ✓ | ✓ | ✓ | |
-| Add issue to an [epic](group/epics/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | You must have permission to [view the epic](group/epics/manage_epics.md#who-can-view-an-epic) and edit the issue. |
-| Add/remove [child epics](group/epics/manage_epics.md#multi-level-child-epics) | ✓ | ✓ | ✓ | ✓ | ✓ | You must have permission to [view](group/epics/manage_epics.md#who-can-view-an-epic) the parent and child epics. |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+| ----------------------------------------------------------------------------- | ----- | ------- | -------- | --------- | ---------- | ----- | ----- |
+| View epic | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Create epic | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Edit epic | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Delete epic | | ✓ | | | | ✓ | |
+| Manage [epic boards](group/epics/epic_boards.md) | | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Add issue to an [epic](group/epics/index.md) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | You must have permission to [view the epic](group/epics/manage_epics.md#who-can-view-an-epic) and edit the issue. |
+| Add/remove [child epics](group/epics/manage_epics.md#multi-level-child-epics) | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | You must have permission to [view](group/epics/manage_epics.md#who-can-view-an-epic) the parent and child epics. |
+| Add internal note | | ✓ | ✓ | ✓ | ✓ | ✓ | |
Group permissions for [wikis](project/wiki/group.md):
-| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
-|----------------------------------|:-----:|:--------:|:---------:|:----------:|:-----:|-------|
-| View group wiki | ✓ | ✓ | ✓ | ✓ | ✓ | Guests: In addition, if your group is public or internal, all users who can see the group can also see group wiki pages. |
-| Create group wiki pages | | | ✓ | ✓ | ✓ | |
-| Edit group wiki pages | | | ✓ | ✓ | ✓ | |
-| Delete group wiki pages | | | ✓ | ✓ | ✓ | |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+| ----------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
+| View group wiki | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Guests: In addition, if your group is public or internal, all users who can see the group can also see group wiki pages. |
+| Create group wiki pages | | ✓ | | ✓ | ✓ | ✓ | |
+| Edit group wiki pages | | ✓ | | ✓ | ✓ | ✓ | |
+| Delete group wiki pages | | ✓ | | ✓ | ✓ | ✓ | |
### Packages and registries group permissions
Group permissions for [container registry](../user/packages/index.md):
-| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
-|---------------------------------------------------|:-----:|:--------:|:---------:|:----------:|:-----:|-------|
-| Pull a container registry image | ✓ | ✓ | ✓ | ✓ | ✓ | Guests can only view events based on their individual actions. |
-| Pull a container image using the dependency proxy | ✓ | ✓ | ✓ | ✓ | ✓ | |
-| Delete a container registry image | | | ✓ | ✓ | ✓ | |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+| ------------------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
+| Pull a container registry image | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | Guests can only view events based on their individual actions. |
+| Pull a container image using the dependency proxy | ✓ | ✓ | ✓ | ✓ | ✓ | ✓ | |
+| Delete a container registry image | | | | ✓ | ✓ | ✓ | |
Group permissions for [package registry](../user/packages/index.md):
-| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
-| ---------------------------------------- | :---: | :------: | :-------: | :--------: | :---: | ----- |
-| Pull packages | | ✓ | ✓ | ✓ | ✓ | |
-| Publish packages | | | ✓ | ✓ | ✓ | |
-| Delete packages | | | | ✓ | ✓ | |
-| Manage package settings | | | | | ✓ | |
-| Manage dependency proxy cleanup policies | | | | | ✓ | |
-| Enable dependency proxy | | | | | ✓ | |
-| Disable dependency proxy | | | | | ✓ | |
-| Purge the dependency proxy for a group | | | | | ✓ | |
-| Enable package request forwarding | | | | | ✓ | |
-| Disable package request forwarding | | | | | ✓ | |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+| ---------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
+| Pull packages | | | ✓ | ✓ | ✓ | ✓ | |
+| Publish packages | | | | ✓ | ✓ | ✓ | |
+| Delete packages | | | | | ✓ | ✓ | |
+| Manage package settings | | | | | | ✓ | |
+| Manage dependency proxy cleanup policies | | | | | | ✓ | |
+| Enable dependency proxy | | | | | | ✓ | |
+| Disable dependency proxy | | | | | | ✓ | |
+| Purge the dependency proxy for a group | | | | | | ✓ | |
+| Enable package request forwarding | | | | | | ✓ | |
+| Disable package request forwarding | | | | | | ✓ | |
### Repository group permissions
Group permissions for [repository](project/repository/index.md) features including merge requests, push rules, and deploy tokens.
-| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
-|----------------------------------------------------------------------------------------|:-----:|:--------:|:---------:|:----------:|:-----:|-------|
-| Manage [deploy tokens](project/deploy_tokens/index.md) | | | | | ✓ | |
-| Manage [merge request settings](group/manage.md#group-merge-request-approval-settings) | | | | | ✓ | |
-| Manage [push rules](group/access_and_permissions.md#group-push-rules) | | | | | ✓ | |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+| -------------------------------------------------------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
+| Manage [deploy tokens](project/deploy_tokens/index.md) | | | | | | ✓ | |
+| Manage [merge request settings](group/manage.md#group-merge-request-approval-settings) | | | | | | ✓ | |
+| Manage [push rules](group/access_and_permissions.md#group-push-rules) | | | | | | ✓ | |
### User management group permissions
Group permissions for user management:
-| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
-| ------------------------------- | :---: | :------: | :-------: | :--------: | :---: | ----- |
-| View 2FA status of members | | | | | ✓ | |
-| Manage group members | | | | | ✓ | |
-| Manage group-level custom roles | | | | | ✓ | |
-| Share (invite) groups to groups | | | | | ✓ | |
-| Filter members by 2FA status | | | | | ✓ | |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+| ------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
+| View 2FA status of members | | | | | | ✓ | |
+| Manage group members | | | | | | ✓ | |
+| Manage group-level custom roles | | | | | | ✓ | |
+| Share (invite) groups to groups | | | | | | ✓ | |
+| Filter members by 2FA status | | | | | | ✓ | |
### Workspace group permissions
Groups permissions for workspaces:
-| Action | Guest | Reporter | Developer | Maintainer | Owner | Notes |
-| --------------------------------------------------------- | :---: | :------: | :-------: | :--------: | :---: | ----- |
-| View workspace cluster agents mapped to a group | | | | ✓ | ✓ | |
-| Map or unmap workspace cluster agents to and from a group | | | | | ✓ | |
+| Action | Guest | Planner | Reporter | Developer | Maintainer | Owner | Notes |
+| --------------------------------------------------------- | :---: | :-----: | :------: | :-------: | :--------: | :---: | ----- |
+| View workspace cluster agents mapped to a group | | | | | ✓ | ✓ | |
+| Map or unmap workspace cluster agents to and from a group | | | | | | ✓ | |
## Subgroup permissions
diff --git a/doc/user/project/issue_board.md b/doc/user/project/issue_board.md
index b4bcabbd1d57204ec05a324f4a56184f0cb57ab8..9904215859091cab81bf31b7ab03002330bf9ec1 100644
--- a/doc/user/project/issue_board.md
+++ b/doc/user/project/issue_board.md
@@ -12,6 +12,7 @@ DETAILS:
> - Milestones and iterations shown on issue cards [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/25758) in GitLab 16.11.
> - Ability to delete the last board in a group or project [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/499579) in GitLab 17.6.
+> - Minimum role to manage issue boards [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Reporter to Planner in GitLab 17.7.
The issue board is a software project management tool used to plan,
organize, and visualize a workflow for a feature or product release.
@@ -78,7 +79,7 @@ GitLab automatically loads the last board you visited.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
To create a new issue board:
@@ -90,7 +91,7 @@ To create a new issue board:
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
To delete the open issue board:
@@ -230,7 +231,7 @@ card includes:
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
When an issue is created, the system assigns a relative order value that is greater than the maximum value
of that issue's project or top-level group. This means the issue is at the bottom of any issue list that
@@ -318,7 +319,7 @@ You can have a board with both label lists and assignee lists.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
To add an assignee list:
@@ -344,7 +345,7 @@ milestone, giving you more freedom and visibility on the issue board.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
To add a milestone list:
@@ -369,7 +370,7 @@ You can create lists of issues in an iteration.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
To add an iteration list:
@@ -398,7 +399,7 @@ For a video overview, see [Epics Swimlanes Walkthrough - 13.6](https://www.youtu
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
To group issues by epic in an issue board:
@@ -436,7 +437,7 @@ Examples:
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
To set a WIP limit for a list, in an issue board:
@@ -479,7 +480,7 @@ To open the right sidebar, select an issue card (not its title).
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
You can edit the following issue attributes in the right sidebar:
@@ -537,7 +538,7 @@ list view that's removed. You can always create it again later if you need.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
To remove a list from an issue board:
@@ -550,7 +551,7 @@ To remove a list from an issue board:
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
If your board is scoped to one or more attributes, go to the issues you want to add and apply the
same attributes as your board scope.
@@ -568,7 +569,7 @@ When an issue should no longer belong to a list, you can remove it.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
The steps depend on the scope of the list:
@@ -583,7 +584,7 @@ the results you want. It's similar to the filtering used in the [issue tracker](
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
You can filter by the following:
@@ -614,7 +615,7 @@ You can move issues and lists by dragging them.
Prerequisites:
-- You must have at least the Reporter role for a project in GitLab.
+- You must have at least the Planner role for a project in GitLab.
To move an issue, select the issue card and drag it to another position in its current list or
into a different list. Learn about possible effects in [Dragging issues between lists](#dragging-issues-between-lists).
@@ -632,7 +633,7 @@ Your issue is moved to the top of the list even if other issues are hidden by a
Prerequisites:
-- You must at least have the Reporter role for the project.
+- You must at least have the Planner role for the project.
To move an issue to the start of the list:
@@ -649,7 +650,7 @@ Your issue is moved to the bottom of the list even if other issues are hidden by
Prerequisites:
-- You must at least have the Reporter role for the project.
+- You must at least have the Planner role for the project.
To move an issue to the end of the list:
@@ -685,7 +686,7 @@ another list. This makes it faster to reorder many issues at once.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
To select and move multiple cards:
diff --git a/doc/user/project/issues/confidential_issues.md b/doc/user/project/issues/confidential_issues.md
index 7c135e1ae8da95b58b09ce05c7e52a9fefd0a44d..09d9d5945c8db596dba20c84317630bcf1b09c5d 100644
--- a/doc/user/project/issues/confidential_issues.md
+++ b/doc/user/project/issues/confidential_issues.md
@@ -17,11 +17,13 @@ keep security vulnerabilities private or prevent surprises from leaking out.
## Make an issue confidential
+> - Minimum role to make an issue confidential [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Reporter to Planner in GitLab 17.7.
+
You can make an issue confidential when you create or edit an issue.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
- If the issue you want to make confidential has any child [tasks](../../tasks.md),
you must first make all the child tasks confidential.
A confidential issue can have only confidential children.
@@ -57,7 +59,9 @@ Alternatively, you can use the `/confidential` [quick action](../quick_actions.m
## Who can see confidential issues
-When an issue is made confidential, only users with at least the Reporter role
+> - Minimum role to see confidential issues [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Reporter to Planner in GitLab 17.7.
+
+When an issue is made confidential, only users with at least the Planner role
for the project have access to the issue.
Users with Guest or [Minimal](../../permissions.md#users-with-minimal-access) roles can't access
the issue even if they were actively participating before the change.
diff --git a/doc/user/project/issues/csv_export.md b/doc/user/project/issues/csv_export.md
index 698b1c0193d23248833a00c3e36e6a221f9e8ab9..0ae82b4a8a760dd3c0c43c16ed4af037969d490f 100644
--- a/doc/user/project/issues/csv_export.md
+++ b/doc/user/project/issues/csv_export.md
@@ -10,6 +10,8 @@ DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** GitLab.com, Self-managed, GitLab Dedicated
+> - Minimum role to export issues [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Reporter to Planner in GitLab 17.7.
+
You can export issues from GitLab to a plain-text CSV
([comma-separated values](https://en.wikipedia.org/wiki/Comma-separated_values))
file. The CSV file is attached to an email, and sent to your default
@@ -37,7 +39,7 @@ You can export issues from individual projects, but not groups.
Prerequisites:
-- You must have at least the Reporter role.
+- You must have at least the Planner role.
1. On the left sidebar, select **Search or go to** and find your project.
1. Select **Plan > Issues**.
diff --git a/doc/user/project/issues/design_management.md b/doc/user/project/issues/design_management.md
index 164a3eaaca9d22929573438dc7b1020a64de51dc..22565cfa0512509fa9f30018e5db761e7387633d 100644
--- a/doc/user/project/issues/design_management.md
+++ b/doc/user/project/issues/design_management.md
@@ -102,10 +102,11 @@ To move around the image while zoomed in, drag the image.
> - Ability to edit the description [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/388449) in GitLab 16.1.
> - Minimum role to add a design to an issue [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/147053) from Developer to Reporter in GitLab 16.11.
+> - Minimum role to add a design to an issue [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Reporter to Planner in GitLab 17.7.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
- The names of the uploaded files must be no longer than 255 characters.
To add a design to an issue:
@@ -137,12 +138,13 @@ To add a design to an issue:
## Add a new version of a design
> - Minimum role to add a new version of a design [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/147053) from Developer to Reporter in GitLab 16.11.
+> - Minimum role to add a new version of a design [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Reporter to Planner in GitLab 17.7.
As discussion on a design continues, you might want to upload a new version of a design.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
To do so, [add a design](#add-a-design-to-an-issue) with the same filename.
@@ -158,6 +160,7 @@ When designs are skipped, a warning message is displayed.
## Archive a design
> - Minimum role to archive a design [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/147053) from Developer to Reporter in GitLab 16.11.
+> - Minimum role to archive a design [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Reporter to Planner in GitLab 17.7.
You can archive individual designs or select a few of them to archive at once.
@@ -170,7 +173,7 @@ URL.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
- You can archive only the latest version of a design.
To archive a single design:
@@ -233,10 +236,11 @@ so that everyone involved can participate in the discussion.
## Delete a comment from a design
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/385100) in GitLab 15.9.
+> Minimum role to delete comment from a design [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Reporter to Planner in GitLab 17.7.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
To delete a comment from a design:
diff --git a/doc/user/project/issues/due_dates.md b/doc/user/project/issues/due_dates.md
index a92abe222086465de6096619f1fa6ddaf92c60d5..86c1b07417a5e89c3427df76efc2037fd620e482 100644
--- a/doc/user/project/issues/due_dates.md
+++ b/doc/user/project/issues/due_dates.md
@@ -10,8 +10,10 @@ DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** GitLab.com, Self-managed, GitLab Dedicated
+> - Minimum role to set due dates [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Reporter to Planner in GitLab 17.7.
+
Due dates can be used in [issues](index.md) to keep track of deadlines and make sure features are
-shipped on time. Users need at least the Reporter role
+shipped on time. Users need at least the Planner role
to be able to edit the due date. All users with permission to view
the issue can view the due date.
diff --git a/doc/user/project/issues/issue_weight.md b/doc/user/project/issues/issue_weight.md
index a3f449dcb262641634655b86b9523d6f008dc52f..20aa911bde4c8b78c7c0f10fe54c8fda72d05755 100644
--- a/doc/user/project/issues/issue_weight.md
+++ b/doc/user/project/issues/issue_weight.md
@@ -28,9 +28,11 @@ You can view the issue weight on:
## Set the issue weight
+> - Minimum role to set issue weight [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Reporter to Planner in GitLab 17.7.
+
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
You can set the issue weight when you create or edit an issue.
@@ -64,9 +66,11 @@ To set the issue weight when you [edit an issue from an issue board](../issue_bo
## Remove issue weight
+> - Minimum role to remove issue weight [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Reporter to Planner in GitLab 17.7.
+
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
To remove the issue weight, follow the same steps as when you [set the issue weight](#set-the-issue-weight),
and select **remove weight**.
diff --git a/doc/user/project/issues/managing_issues.md b/doc/user/project/issues/managing_issues.md
index bf09eb7cb47640fee8b20997fb5f531b1a0e186f..062f09d16d4c60bba96e6ca864739ec6427515e8 100644
--- a/doc/user/project/issues/managing_issues.md
+++ b/doc/user/project/issues/managing_issues.md
@@ -14,11 +14,13 @@ After you create an issue, you can start working with it.
## Edit an issue
+> - Minimum role to edit an issue [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Reporter to Planner in GitLab 17.7.
+
You can edit an issue's title and description.
Prerequisites:
-- You must have at least the Reporter role for the project, be the author of the issue, or be assigned to the issue.
+- You must have at least the Planner role for the project, be the author of the issue, or be assigned to the issue.
To edit an issue:
@@ -64,11 +66,13 @@ the [large language model listed on the GitLab Duo page](../../gitlab_duo/index.
## Bulk edit issues from a project
+> - Minimum role to bulk edit issues from a project [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Reporter to Planner in GitLab 17.7.
+
You can edit multiple issues at a time when you're in a project.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
To edit multiple issues at the same time:
@@ -93,15 +97,13 @@ When bulk editing issues in a project, you can edit the following attributes:
### Bulk edit issues from a group
-DETAILS:
-**Tier:** Premium, Ultimate
-**Offering:** GitLab.com, Self-managed, GitLab Dedicated
+> - Minimum role to bulk edit issues from a group [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Reporter to Planner in GitLab 17.7.
You can edit multiple issues across multiple projects when you're in a group.
Prerequisites:
-- You must have at least the Reporter role for a group.
+- You must have at least the Planner role for a group.
To edit multiple issues at the same time:
@@ -122,6 +124,8 @@ When bulk editing issues in a group, you can edit the following attributes:
## Move an issue
+> - Minimum role to move an issue [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Reporter to Planner in GitLab 17.7.
+
When you move an issue, it's closed and copied to the target project.
The original issue is not deleted. A [system note](../system_notes.md), which indicates
where it came from and went to, is added to both issues.
@@ -130,7 +134,7 @@ Be careful when moving an issue to a project with different access rules. Before
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
To move an issue:
@@ -159,6 +163,8 @@ DETAILS:
**Tier:** Free, Premium, Ultimate
**Offering:** Self-managed, GitLab Dedicated
+> - Minimum role to bulk move issues [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Reporter to Planner in GitLab 17.7.
+
#### From the Issues page
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/15991) in GitLab 15.6.
@@ -168,7 +174,7 @@ You can't move tasks or test cases.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
To move multiple issues at the same time:
@@ -240,12 +246,13 @@ Any nested task list items are moved up a nested level.
### Reorder list items in the issue description
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/15260) in GitLab 15.0.
+> - Minimum role to reorder list items in the issue description [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Reporter to Planner in GitLab 17.7.
When you view an issue that has a list in the description, you can also reorder the list items.
Prerequisites:
-- You must have at least the Reporter role for the project, be the author of the issue, or be
+- You must have at least the Planner role for the project, be the author of the issue, or be
assigned to the issue.
- The issue's description must have an [ordered, unordered](../../markdown.md#lists), or
[task](../../markdown.md#task-lists) list.
@@ -259,12 +266,14 @@ To reorder list items, when viewing an issue:
## Close an issue
+> - Minimum role to close an issue [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Reporter to Planner in GitLab 17.7.
+
When you decide that an issue is resolved or no longer needed, you can close it.
The issue is marked as closed but is not deleted.
Prerequisites:
-- You must have at least the Reporter role for the project, be the author of the issue, or be assigned to the issue.
+- You must have at least the Planner role for the project, be the author of the issue, or be assigned to the issue.
To close an issue, you can either:
@@ -278,9 +287,11 @@ You can also use the `/close` [quick action](../quick_actions.md) in a comment o
### Reopen a closed issue
+> - Minimum role to reopen a closed issue [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Reporter to Planner in GitLab 17.7.
+
Prerequisites:
-- You must have at least the Reporter role for the project, be the author of the issue, or be assigned to the issue.
+- You must have at least the Planner role for the project, be the author of the issue, or be assigned to the issue.
To reopen a closed issue, in the upper-right corner, select **Issue actions** (**{ellipsis_v}**) and then **Reopen issue**.
A reopened issue is no different from any other open issue.
@@ -414,9 +425,11 @@ of your installation.
## Change the issue type
+> - Minimum role to change the issue type [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Reporter to Planner in GitLab 17.7.
+
Prerequisites:
-- You must be the issue author or have at least the Reporter role for the project, be the author of the issue, or be assigned to the issue.
+- You must be the issue author or have at least the Planner role for the project, be the author of the issue, or be assigned to the issue.
To change issue type:
@@ -432,9 +445,11 @@ To change issue type:
## Delete an issue
+> - Required role to delete an issue [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Owner to Owner or Planner in GitLab 17.7.
+
Prerequisites:
-- You must have the Owner role for a project.
+- You must have the Planner or Owner role for a project.
To delete an issue:
@@ -456,6 +471,8 @@ DETAILS:
**Tier:** Premium, Ultimate
**Offering:** GitLab.com, Self-managed, GitLab Dedicated
+> - Minimum role to promote an issue to an epic [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Reporter to Planner in GitLab 17.7.
+
You can promote an issue to an [epic](../../group/epics/index.md) in the immediate parent group.
Promoting a confidential issue to an epic creates a
@@ -478,9 +495,9 @@ The following issue metadata is copied to the epic:
Prerequisites:
- The project to which the issue belongs must be in a group.
-- You must have at least the Reporter role the project's immediate parent group.
+- You must have at least the Planner role the project's immediate parent group.
- You must either:
- - Have at least the Reporter role for the project.
+ - Have at least the Planner role for the project.
- Be the author of the issue.
- Be assigned to the issue.
@@ -683,9 +700,11 @@ themselves or another project member assigns them.
### Change assignee on an issue
+> - Minimum role to change assignee [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Reporter to Planner in GitLab 17.7.
+
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
To change the assignee on an issue:
@@ -722,9 +741,11 @@ Incorporate a review of issue health status into your daily stand-up, project st
### Change health status of an issue
+> - Minimum role to change health status [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Reporter to Planner in GitLab 17.7.
+
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
To edit health status of an issue:
diff --git a/doc/user/project/labels.md b/doc/user/project/labels.md
index 65f2985bd92911d8f17ff5d93dbee8218f8763d1..70d32585c739ac46b761c0be56f5f0904cac2fbb 100644
--- a/doc/user/project/labels.md
+++ b/doc/user/project/labels.md
@@ -105,9 +105,11 @@ the group's projects.
## Create a label
+> - Minimum role to create a label [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Reporter to Planner in GitLab 17.7.
+
Prerequisites:
-- You must have at least the Reporter role for the project or group.
+- You must have at least the Planner role for the project or group.
### Create a project label
@@ -126,12 +128,14 @@ To create a project label:
### Create a project label from an issue or merge request
+> - Minimum role to create a label [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Reporter to Planner in GitLab 17.7.
+
You can also create a new project label from an issue or merge request.
Labels you create this way belong to the same project as the issue or merge request.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
To do so:
@@ -164,12 +168,14 @@ DETAILS:
**Tier:** Premium, Ultimate
**Offering:** GitLab.com, Self-managed, GitLab Dedicated
+> - Minimum role to create a group label [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Reporter to Planner in GitLab 17.7.
+
You can also create a new group label from an epic.
Labels you create this way belong to the same group as the epic.
Prerequisites:
-- You must have at least the Reporter role for the group.
+- You must have at least the Planner role for the group.
To do so:
@@ -183,9 +189,11 @@ To do so:
## Edit a label
+> - Minimum role to edit a label [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Reporter to Planner in GitLab 17.7.
+
Prerequisites:
-- You must have at least the Reporter role for the project or group.
+- You must have at least the Planner role for the project or group.
### Edit a project label
@@ -207,13 +215,15 @@ To edit a **group** label:
## Delete a label
+> - Minimum role to delete a label [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Reporter to Planner in GitLab 17.7.
+
WARNING:
If you delete a label, it is permanently deleted. All references to the label are removed from the
system and you cannot undo the deletion.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
### Delete a project label
@@ -238,6 +248,8 @@ To delete a **group** label:
## Promote a project label to a group label
+> - Minimum role to promote a label [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Reporter to Planner in GitLab 17.7.
+
You might want to make a project label available for other
projects in the same group. Then, you can promote the label to a group label.
@@ -250,8 +262,8 @@ Promoting a label is a permanent action and cannot be reversed.
Prerequisites:
-- You must have at least the Reporter role for the project.
-- You must have at least the Reporter role for the project's parent group.
+- You must have at least the Planner role for the project.
+- You must have at least the Planner role for the project's parent group.
To promote a project label to a group label:
@@ -267,6 +279,8 @@ The new group label has the same ID as the previous project label.
## Promote a subgroup label to the parent group
+> - Minimum role to promote a label [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Reporter to Planner in GitLab 17.7.
+
It's not possible to directly promote a group label to the parent group.
To achieve this, use the following workaround.
@@ -274,7 +288,7 @@ Prerequisites:
- There must be a group that contains subgroups ("parent group").
- There must be a subgroup in the parent group, that has a label you want to promote.
-- You must have at least the Reporter role for both groups.
+- You must have at least the Planner role for both groups.
To "promote" the label to the parent group:
@@ -296,12 +310,14 @@ to the same issues, MRs, and epics.
## Generate default project labels
+> - Minimum role to generate default labels [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Reporter to Planner in GitLab 17.7.
+
If a project or its parent group has no labels, you can generate a default set of project
labels from the label list page.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
- The project must have no labels present.
To add the default labels to the project:
@@ -435,6 +451,8 @@ To subscribe to a label:
## Set label priority
+> - Minimum role to set label priority [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Reporter to Planner in GitLab 17.7.
+
Labels can have relative priorities, which are used when you sort issue and merge request lists
by [label priority](issues/sorting_issue_lists.md#sorting-by-label-priority) and [priority](issues/sorting_issue_lists.md#sorting-by-priority).
@@ -447,7 +465,7 @@ Priority sorting is based on the highest priority label only.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
To prioritize a label:
@@ -473,6 +491,7 @@ DETAILS:
**Status:** Beta
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/408676) in GitLab 16.3 [with a flag](../../administration/feature_flags.md) named `enforce_locked_labels_on_merge`. This feature is [beta](../../policy/experiment-beta-support.md). Disabled by default.
+> - Minimum role to lock labels [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Reporter to Planner in GitLab 17.7.
FLAG:
The availability of this feature is controlled by a feature flag.
@@ -486,7 +505,7 @@ When you add locked labels to issues or epics, they behave like regular labels.
Prerequisites:
-- You must have at least the Reporter role for the project or group.
+- You must have at least the Planner role for the project or group.
WARNING:
After you set a label as locked, nobody can undo it or delete the label.
diff --git a/doc/user/project/members/index.md b/doc/user/project/members/index.md
index 1fb6e7aaf00a0e646b5dadadbba509f361e7b2b8..0a05a6c62bcf21332d586d7b62850606eb72efb6 100644
--- a/doc/user/project/members/index.md
+++ b/doc/user/project/members/index.md
@@ -184,7 +184,7 @@ If a user is:
Prerequisites:
- To remove direct members that have the:
- - Maintainer, Developer, Reporter, or Guest role, you must have the Maintainer role.
+ - Maintainer, Developer, Reporter, Planner, or Guest role, you must have the Maintainer role.
- Owner role, you must have the Owner role.
- Optional. Unassign the member from all issues and merge requests that
are assigned to them.
diff --git a/doc/user/project/milestones/index.md b/doc/user/project/milestones/index.md
index 12dcba1732314a3059a83cd08d7e8235f6a4aca9..e46e0a1145a4f6246c691f64f2e5c341a7380261 100644
--- a/doc/user/project/milestones/index.md
+++ b/doc/user/project/milestones/index.md
@@ -123,12 +123,13 @@ The sidebar on the milestone view shows the following:
## Create a milestone
> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/issues/343889) the minimum user role from Developer to Reporter in GitLab 15.0.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
You can create a milestone either in a project or a group.
Prerequisites:
-- You must have at least the Reporter role for the project or group the milestone belongs to.
+- You must have at least the Planner role for the project or group the milestone belongs to.
To create a milestone:
@@ -144,10 +145,11 @@ To create a milestone:
## Edit a milestone
> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/issues/343889) the minimum user role from Developer to Reporter in GitLab 15.0.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
Prerequisites:
-- You must have at least the Reporter role for the project or group the milestone belongs to.
+- You must have at least the Planner role for the project or group the milestone belongs to.
To edit a milestone:
@@ -161,10 +163,11 @@ To edit a milestone:
## Close a milestone
> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/issues/343889) the minimum user role from Developer to Reporter in GitLab 15.0.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
Prerequisites:
-- You must have at least the Reporter role for the project or group the milestone belongs to.
+- You must have at least the Planner role for the project or group the milestone belongs to.
To close a milestone:
@@ -177,10 +180,11 @@ To close a milestone:
## Delete a milestone
> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/issues/343889) the minimum user role from Developer to Reporter in GitLab 15.0.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
Prerequisites:
-- You must have at least the Reporter role for the project or group the milestone belongs to.
+- You must have at least the Planner role for the project or group the milestone belongs to.
To delete a milestone:
@@ -193,6 +197,8 @@ To delete a milestone:
## Promote a project milestone to a group milestone
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
+
If you are expanding the number of projects in a group, you might want to share the same milestones
among this group's projects.
You can promote project milestones to the parent group to
@@ -208,7 +214,7 @@ This action cannot be reversed and the changes are permanent.
Prerequisites:
-- You must have at least the Reporter role for the group.
+- You must have at least the Planner role for the group.
To promote a project milestone:
diff --git a/doc/user/project/requirements/index.md b/doc/user/project/requirements/index.md
index c5edbe2173e3ac0741da1f6e630598f26508db7e..967d07050de14a721f7aa51f5e4eb60ba81c9b2c 100644
--- a/doc/user/project/requirements/index.md
+++ b/doc/user/project/requirements/index.md
@@ -37,12 +37,14 @@ For a more in-depth walkthrough see [GitLab Requirements Traceability Walkthroug
## Create a requirement
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
+
A paginated list of requirements is available in each project, and there you
can create a new requirement.
Prerequisites:
-- You must have at least the Reporter role.
+- You must have at least the Planner role.
To create a requirement:
@@ -66,13 +68,14 @@ next to the requirement title.
## Edit a requirement
-> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/issues/424961) in GitLab 16.11: Authors and assignees can edit requirements even if they don’t have the Reporter role.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/issues/424961) in GitLab 16.11: Authors and assignees can edit requirements even if they don't have the Reporter role.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
You can edit a requirement from the requirements list page.
Prerequisites:
-- You must have at least the Reporter role or be the author or assignee of the requirement.
+- You must have at least the Planner role or be the author or assignee of the requirement.
To edit a requirement:
@@ -83,14 +86,15 @@ To edit a requirement:
## Archive a requirement
-> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/issues/424961) in GitLab 16.11: Authors and assignees can archive requirements even if they don’t have the Reporter role.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/issues/424961) in GitLab 16.11: Authors and assignees can archive requirements even if they don't have the Reporter role.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
You can archive an open requirement while
you're in the **Open** tab.
Prerequisites:
-- You must have at least the Reporter role or be the author or assignee of the requirement.
+- You must have at least the Planner role or be the author or assignee of the requirement.
To archive a requirement, select **Archive** (**{archive}**).
@@ -98,13 +102,14 @@ As soon as a requirement is archived, it no longer appears in the **Open** tab.
## Reopen a requirement
-> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/issues/424961) in GitLab 16.11: Authors and assignees can re-open requirements even if they don’t have the Reporter role.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/issues/424961) in GitLab 16.11: Authors and assignees can re-open requirements even if they don't have the Reporter role.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
You can view the list of archived requirements in the **Archived** tab.
Prerequisites:
-- You must have at least the Reporter role or be the author or assignee of the requirement.
+- You must have at least the Planner role or be the author or assignee of the requirement.
@@ -223,7 +228,9 @@ in a project, you must replace `requirements` in above configs with `requirement
## Import requirements from a CSV file
-You must have at least the Reporter role.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
+
+You must have at least the Planner role.
You can import requirements to a project by uploading a [CSV file](https://en.wikipedia.org/wiki/Comma-separated_values)
with the columns `title` and `description`.
@@ -284,6 +291,8 @@ For GitLab.com, it is set to 10 MB.
## Export requirements to a CSV file
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
+
You can export GitLab requirements to a
[CSV file](https://en.wikipedia.org/wiki/Comma-separated_values) sent to your default notification
email as an attachment.
@@ -294,7 +303,7 @@ audit and regulatory compliance tasks.
Prerequisites:
-- You must have at least the Reporter role.
+- You must have at least the Planner role.
To export requirements:
diff --git a/doc/user/project/time_tracking.md b/doc/user/project/time_tracking.md
index 1d258868a2b00940d43aa2e8bce46507c220081e..3efac991908ae8e9319c8f29fbb19d9b082f2fce 100644
--- a/doc/user/project/time_tracking.md
+++ b/doc/user/project/time_tracking.md
@@ -12,6 +12,7 @@ DETAILS:
> - Time tracking for tasks [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/438577) in GitLab 17.0.
> - Time tracking for epics [introduced](https://gitlab.com/groups/gitlab-org/-/epics/12396) in GitLab 17.5. Your administrator must have [enabled the new look for epics](../group/epics/epic_work_items.md).
+> - Minimum role to add, edit, and remove estimate [changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) from Reporter to Planner in GitLab 17.7.
You can estimate and track the time you spend on an item, such as:
@@ -50,8 +51,8 @@ You can see the estimated time remaining when you hover over the time tracking i
Prerequisites:
-- In issues, you must have at least the Reporter role for the project.
-- In tasks, you must have at least the Reporter role for the project.
+- In issues, you must have at least the Planner role for the project.
+- In tasks, you must have at least the Planner role for the project.
- In merge requests, you must have at least the Developer role for the project.
To enter an estimate, use the `/estimate` [quick action](quick_actions.md), followed by the time.
@@ -67,8 +68,8 @@ Every time you enter a new time estimate, it overwrites the previous value.
Prerequisites:
-- In issues, you must have at least the Reporter role for the project.
-- In tasks, you must have at least the Reporter role for the project.
+- In issues, you must have at least the Planner role for the project.
+- In tasks, you must have at least the Planner role for the project.
- In merge requests, you must have at least the Developer role for the project.
To remove an estimate entirely, use the `/remove_estimate` [quick action](quick_actions.md).
@@ -86,7 +87,7 @@ The total amount of time spent on an issue, task, or merge request cannot exceed
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
#### Using the user interface
@@ -135,7 +136,7 @@ If you type a future date, no time is logged.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
To subtract time, enter a negative value. For example, `/spend -3d` removes three
days from the total time spent. You can't go below 0 minutes of time spent,
@@ -160,7 +161,7 @@ To delete a timelog, either:
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
To delete all the time spent at once, use the `/remove_time_spent` [quick action](quick_actions.md).
diff --git a/doc/user/tasks.md b/doc/user/tasks.md
index 7b470eb0912b4f02b3d3d460bac81d0899080fcb..e9909083c7c981d366f64eda52a657d609505b7a 100644
--- a/doc/user/tasks.md
+++ b/doc/user/tasks.md
@@ -50,10 +50,11 @@ the task opens in a full-page view.
## Create a task
> - Ability to select which project to create the task in [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/436255) in GitLab 17.1.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
Prerequisites:
-- You must have at least the Reporter role for the project, or the project must be public.
+- You must have at least the Planner role for the project, or the project must be public.
To create a task:
@@ -68,10 +69,11 @@ To create a task:
### From a task list item
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/377307) in GitLab 15.9.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
1. On the left sidebar, select **Search or go to** and find your project.
1. Select **Plan > Issues**, then select your issue to view it.
@@ -101,9 +103,11 @@ To add a task:
## Edit a task
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
+
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
To edit a task:
@@ -120,6 +124,7 @@ To edit a task:
> - Rich text editing in the dialog view [introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/363007) in GitLab 15.6 [with a flag](../administration/feature_flags.md) named `work_items_mvc`. Disabled by default.
> - Rich text editing in the full page view [introduced](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/104533) in GitLab 15.7.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
FLAG:
On self-managed GitLab, by default the rich text feature is not available. To make it available per group, ask an
@@ -131,7 +136,7 @@ Use a rich text editor to edit a task's description.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
To edit the description of a task:
@@ -146,10 +151,11 @@ To edit the description of a task:
## Promote a task to an issue
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/412534) in GitLab 16.1.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
To promote a task to an issue:
@@ -192,11 +198,13 @@ To remove a task from an issue:
## Delete a task
+> - [Allowed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) Planner role to delete a task in GitLab 17.7.
+
Prerequisites:
- You must either:
- Be the author of the task and have at least the Guest role for the project.
- - Have the Owner role for the project.
+ - Have the Planner or Owner role for the project.
To delete a task:
@@ -209,10 +217,11 @@ To delete a task:
## Reorder tasks
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/385887) in GitLab 16.0.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
By default, tasks are ordered by creation date.
To reorder them, drag them around.
@@ -220,6 +229,7 @@ To reorder them, drag them around.
## Assign users to a task
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/334810) in GitLab 15.4.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
To show who is responsible for a task, you can assign users to it.
@@ -229,7 +239,7 @@ See also [multiple assignees for issues](project/issues/multiple_assignees_for_i
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
To change the assignee on a task:
@@ -244,10 +254,11 @@ To change the assignee on a task:
## Assign labels to a task
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/339756) in GitLab 15.5.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
To add [labels](project/labels.md) to a task:
@@ -262,12 +273,13 @@ To add [labels](project/labels.md) to a task:
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/365399) in GitLab 15.4 [with a flag](../administration/feature_flags.md) named `work_items_mvc_2`. Disabled by default.
> - [Enabled on GitLab.com and self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/365399) in GitLab 15.5.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
You can set a [start and due date](project/issues/due_dates.md) on a task.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
You can set start and due dates on a task to show when work should begin and end.
@@ -295,6 +307,7 @@ To set a start date:
> - [Introduced](https://gitlab.com/gitlab-org/gitlab/-/issues/367463) in GitLab 15.5 [with a flag](../administration/feature_flags.md) named `work_items_mvc_2`. Disabled by default.
> - [Moved](https://gitlab.com/gitlab-org/gitlab/-/issues/367463) to feature flag named `work_items_mvc` in GitLab 15.7. Disabled by default.
> - [Enabled on GitLab.com and self-managed](https://gitlab.com/gitlab-org/gitlab/-/issues/367463) in GitLab 15.7.
+> - [Changed](https://gitlab.com/gitlab-org/gitlab/-/merge_requests/169256) the minimum user role from Reporter to Planner in GitLab 17.7.
You can add a task to a [milestone](project/milestones/index.md).
You can see the milestone title when you view a task.
@@ -303,7 +316,7 @@ the new task inherits the milestone.
Prerequisites:
-- You must have at least the Reporter role for the project.
+- You must have at least the Planner role for the project.
To add a task to a milestone: