Issue #6486 wontfix

Group permissions should be applied on a per-team basis

Abril Mídia
created an issue
  • When I create a group, the permissions set will be propagated to all repositories that an account owns.
  • Let's say an another repository admin removes that group from the repository access list;
  • Next time I decide to change a group permissions, they will only be set in repositories that still have the group associated, and this go against the fact that the name of the permission is "have 'admin' access to this account's repositories".
  • The warning message even tell me that it is applying only to a subset of my account's repositories.

Is this really the expected behavior of this feature?

As an employee of a company that will need to distribute account administration between several project managers because we have ~930 private repositories, this sounds more like a information security flaw. Global permissions should be applied globally and this behavior should not change through time.

Comments (4)

  1. Brian Nguyen

    Hi,

    Yes, this is the expected behavior. Our permission system is designed to be handled on a per repository basis and is not designed to be applied on a team level.

    We do provide additional assistance to bubble changes to affected repositories, we do not have plans to have a per-team permission system.

    If we get more interest in this we will consider this in the future.

    Cheers, Brian

  2. Log in to comment