Decouple 'Create Repository' permission from 'Write' permission in Project Settings

XMLWordPrintable

    • 1

      Issue Summary

      Currently, if a user has the “Create repository” permission for a project, they automatically gain WRITE permission for all repositories within that project. This can lead to unintended access and modifications in repositories that the user should not have write access to. A separation of the "Create repository" permission from the WRITE permission would enhance security and access control.

      Steps to Reproduce

      1. Assign a user the “Create repository” permission for a specific project.

      Expected Results

      The user should have the ability to create new repositories within the project without automatically gaining WRITE permission to existing repositories. Permissions for existing repositories should be managed separately.

      Actual Results

      The user gains WRITE permission for all repositories within the project as soon as they are granted the “Create repository” permission. This can lead to unauthorized changes and access to repositories.

      Workaround

      Currently there is no known workaround for this behavior. A workaround will be added here when available

            Assignee:
            Unassigned
            Reporter:
            Norbert Csupka (Inactive)
            Votes:
            1 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated: