- Groups as collections of users
- Sharing a project with a group of users
- Maximum access level
- Sharing public project with private group
- Share project with group lock
You can share projects with other groups. This makes it possible to add a group of users to a project with a single action.
Groups are used primarily to create collections of projects, but you can also take advantage of the fact that groups define collections of users, namely the group members.
The primary mechanism to give a group of users, say ‘Engineering’, access to a project, say ‘Project Acme’, in GitLab is to make the ‘Engineering’ group the owner of ‘Project Acme’. But what if ‘Project Acme’ already belongs to another group, say ‘Open Source’? This is where the group sharing feature can be of use.
To share ‘Project Acme’ with the ‘Engineering’ group:
For ‘Project Acme’ use the left navigation menu to go to Members.
- Select the Invite group tab.
- Add the ‘Engineering’ group with the maximum access level of your choice.
- Optionally, select an expiring date.
- Click Invite.
- After sharing ‘Project Acme’ with ‘Engineering’:
Note that you can only share a project with:
- groups for which you have an explicitly defined membership
- groups that contain a nested subgroup or project for which you have an explicitly defined role
Administrators are able to share projects with any group in the system.
In GitLab 13.11, you can optionally replace the sharing form with a modal window. To share a project after enabling this feature:
- Go to your project’s page.
- In the left sidebar, go to Members, and then select Invite a group.
- Select a group, and select a Max access level.
- (Optional) Select an Access expiration date.
- Select Invite.
The modal window for sharing a project is under development and is ready for production use. It is deployed behind a feature flag that is disabled by default. GitLab administrators with access to the GitLab Rails console can enable it.
To enable it:
To disable it:
In the example above, the maximum access level of ‘Developer’ for members from ‘Engineering’ means that users with higher access levels in ‘Engineering’ (‘Maintainer’ or ‘Owner’) only have ‘Developer’ access to ‘Project Acme’.
When sharing a public project with a private group, owners and maintainers of the project see the name of the group in the
members page. Owners also have the possibility to see members of the private group they don’t have access to when mentioning them in the issue or merge request.
It is possible to prevent projects in a group from sharing a project with another group. This allows for tighter control over project access.
Learn more about Share with group lock.