[go: up one dir, main page]

Introduce a new "Allow immediate deletion" application setting

Rémy Coutablerequested to merge
569453-introduce-a-new-allow-force-deletion-application-setting-default-true into master

Split into several MRs:

  1. Add the allow_immediate_namespaces_deletion app... (!205554 - merged)
  2. Add support for allow_immediate_namespaces_dele... (!205556 - merged)
  3. Support disabled deletion section in group/proj... (!205563 - merged)
  4. Check `Allow immediate deletion` admin setting ... (!205567 - merged)
  5. Support disabled immediate deletion in groups a... (!205572 - merged)

What does this MR do and why?

This change replaces a feature flag system with a proper admin setting for controlling "immediate deletion" of groups and projects. Previously, there was a temporary feature flag that could prevent users from immediately deleting items that were scheduled for deletion (bypassing the safety waiting period). Now, administrators can configure this behavior through the admin settings panel with a new checkbox option called "Allow immediate deletion."

The new setting is enabled by default, meaning users can still immediately delete scheduled items. However, on GitLab.com and Dedicated, this setting is automatically disabled for safety reasons (through a post-deploy migration for existing installations, production fixtures for new installations, and through model validation to ensure it cannot be enabled). The change includes a new admin interface where administrators can toggle this setting, updated documentation explaining the feature, and removes the old feature flag code.

The practical impact is that administrators now have proper control over whether users can bypass deletion protection periods, with a cleaner interface and more predictable behavior than the previous feature flag system.

This new feature is itself behind a new allow_immediate_namespaces_deletion WIP feature flag so that we can introduce all the changes in several MRs without providing a unfinished experience to users.

References

Screenshots or screen recordings

Page FF disabled FF enabled, and setting enabled FF enabled, and setting disabled
Admin settings ff-disabled-admin ff-enabled-admin ff-enabled-setting-disabled
Admin settings trying to enable the setting while on Dedicated N/A ff-enabled-admin-error-on-dedicated N/A
Group NOT marked for deletion ff-disabled-active-group Same as FF disabled Same as FF disabled
Group marked for deletion ff-disabled-group-marked-for-deletion Same as FF disabled ff-enabled-group-marked-for-deletion
Group ancestor marked for deletion ff-disabled-group-ancestor-marked-for-deletion ff-enabled-setting-enabled-group-ancestor-marked-for-deletion ff-enabled-group-ancestor-marked-for-deletion
Groups list as admin ff-disabled-groups-as-admin Same as FF disabled Same as FF disabled
Groups list as owner ff-disabled-groups-as-owner Same as FF disabled ff-enabled-groups-as-owner
Projects list as admin ff-disabled-projects-as-admin Same as FF disabled Same as FF disabled
Projects list as owner ff-disabled-projects-as-owner Same as FF disabled ff-enabled-projects-as-owner
Project NOT marked for deletion ff-disabled-project-not-marked-for-deletion Same as FF disabled Same as FF disabled
Project marked for deletion ff-disabled-project-marked-for-deletion Same as FF disabled ff-enabled-project-marked-for-deletion
Project ancestor marked for deletion ff-disabled-project-ancestor-marked-for-deletion ff-enabled-setting-enabled-project-ancestor-marked-for-deletion ff-enabled-project-ancestor-marked-for-deletion

How to set up and validate locally

MR acceptance checklist

Evaluate this MR against the MR acceptance checklist. It helps you analyze changes to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Rémy Coutable

Merge request reports