We have a simple setup where developers on the team work on forks of the definitive repo in a company-owned account; then submit changes via pull request. The repos need to be private as it's not open source code.
The problem is while we can see the overall diff on PRs, we can't view individual commit diffs, which is a pain when PRs are updated.
Root cause is permissions: individuals can't inherit permissions due to the general problem described in comments at https://bitbucket.org/site/master/issue/4828/team-admins-dont-have-read-access-to-forks so everyone's fork is effectively locked down to one person.
When you inherit permissions for a repo, your account shouldn't have to have the same account level as the upstream repo. Alternatively, attach the commit diffs for the PR to the PR's permissions - ie. we can see the overall diff regardless of account settings, so the individual diffs could be revealed under the same scheme.