For example i have a dev A, B and C
I want dev C to be blocked from all repos except few
User B and A in same user group as C but they should have access to all other repos.
How to set this up? Is there any faster way than changing permissions for user per each repo manually? What will happen with overlaps? If user A is in group1 that has access to repo1 and repo2 but blocked from repo3 if same user will be in group2 with access to repo3 will he have all 3 repos be accessible? All this overrides in 4 different places are confusing
Our security guide includes some examples of real scenarios:
In summary:
- If you define some permissions at the server level, they will be inherited at the repository level so you can define some common permissions at the server level.
- You can always overwrite the inherited permissions.
- You can use a “third status” neither allow nor deny when defining group permissions. Permissions will not be granted unless they are explicitly granted.
- The denial always prevails if a user belongs to a group with denied permissions.
- On a normal basis, the groups are created to define common permissions for a group of users. You can create as many groups as you need.
1 Like
Okay, thanks, now i understand it better