Symbol white

← Back to other Codebase suggestions

Add per-repository user permissions

7aad0ec8ddec6b262b1db42b75cecaab?rating=pg&size=52&default=mm
suggested by Jonathan H
19

Repost from UserVoice (also here):
 
Say I have a project which have a Website (in Rails), an iPhone App, and an Android App. I don't want the RoR developer to see the iPhone code, and vice versa. So each dev will have access to "its" repo. The Android Dev will only see the Android Repo.

Complete We've implemented this suggestion!

Comments (9)

  • +1 - with possibility to make some Pull Requests from one repo to another inside a given project
     
    Related/other approach : to let a particular user access only one branch of a repository - so that they can push to their "feature" branch (and only to that) and the "admin" can merge, if need be, their work in the "master" branch (with or without "Merge Requests" for that matter).

    Bf291d86195fcb087074755fdca49a91?rating=pg&size=52&default=mm
    posted by Nicolas D
  • +1 from me, for sure. I want to be able to control deployment. Certain people should be able to push, perhaps to a branch, and only a few can push to master, triggering a deployment. 

    Fc00dade2a5d9a481fb0117f5735a03c?rating=pg&size=52&default=mm
    posted by Rick C
  • +1 From me as well. In my company, we have a shared library with submodules used in several different projects. It's cumbersome to handle unique repo access with SSH keys as we have to do today. Being able to assign a user to a repository instead of an entire project would be a big improvement!
     
    As Dixens also mentions, a more fine grained control of per-user/role permissions, for pushing/merging/force-pushing/etc is required when creating just a little bit more complex organization than free-for-all.

    A9c06b8f85d1e64141f5e61cd36e98a8?rating=pg&size=52&default=mm
    posted by Martin A
  • +1 From me too - we've got round this for now by setting a duplicate project up with a copy of all the relevant repos for external developers - and then I merge in locally to the repos in the main project.
     
    This does of course preclude the use of pull requests with the way they are implemented in CodeBase (ability to perform pull requests between projects would make this less cumbersome)
     
    More granular control over permissions would be useful.

    1d9fe99edcab38b6c4049df5b2e65057?rating=pg&size=52&default=mm
    posted by Daniel L
  • +1 From me too - We don't feel at all comfortable allowing everyone to merge / push changes into a production branch for instance.
     
    Per branch permissions and merge request approvals would be grand
     
    any news of where you guys are at with this?

    52
    posted by Enrique G
  • +1 from me too. We need a way to separate the code for developers, so that we can approve changes. Per-branch would be ideal (as with Gitolite), but fork-pullrequest style works too, if not possible (for the moment). A very easy fix to fork-pull request is the ability to restrict user per-repository and to allow cross-repository merge requests.

    posted by Unknown User
  • +1 for me too. Security settings per repository or even per branch within a git repository will be very useful.
     
    Whne do you think it can be implemented? Thanks a lot.
     
    Best,
    Jan

    E7d6120fcf23baa9a0b88adce2a5d3ec?rating=pg&size=52&default=mm
    posted by Jan T
  • +1 too. :)
     
    I would also consider something like per-user forks of the main repositories of the project. Of course this could be achieved by creating a separate repository for each user already now, but more tight integration with Codebase's own user management would be nice.

    908f144b7609574bf8063919f61d79af?rating=pg&size=52&default=mm
    posted by Ville M
  • also +1 for this setup - We would also separate e.g. puppet repository / devs repos because actual we must give full access for the project to external sysadmins to let them use puppet ... not so nice even they could see the "result" on the live servers.

    posted by Unknown User