Uploaded image for project: 'Bitbucket Cloud'
  1. Bitbucket Cloud
  2. BCLOUD-23545

Decouple 'Create Repository' permission from 'Write' permission in Project Settings

XMLWordPrintable

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      Issue Summary

      Currently, if a user has the “Create repository” permission for a project, they automatically gain WRITE permission for all repositories within that project. This can lead to unintended access and modifications in repositories that the user should not have write access to. A separation of the "Create repository" permission from the WRITE permission would enhance security and access control.

      Steps to Reproduce

      1. Assign a user the “Create repository” permission for a specific project.

      Expected Results

      The user should have the ability to create new repositories within the project without automatically gaining WRITE permission to existing repositories. Permissions for existing repositories should be managed separately.

      Actual Results

      The user gains WRITE permission for all repositories within the project as soon as they are granted the “Create repository” permission. This can lead to unauthorized changes and access to repositories.

      Workaround

      Currently there is no known workaround for this behavior. A workaround will be added here when available

              Unassigned Unassigned
              ncsupka Norbert Csupka
              Votes:
              1 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: