Either 1 of 2 things should be possible.
- Allow per repo keys, not just read only deployment keys, but write also as an option, of course with an associated accountable user. This is manly for server automated pushing, as a grant of push on user keys opens up a worm exploit security risk, as all repos are writable from more than the necessary subset of key locations.
- Or each user key also has restrictions on it so for example admin on the key and admin on the user is needed to obtain admin rights. This option has more security implications.