As an admin, I would like to restrict READ permission for Project or Repository for selected information only

Problem Definition

Read permission allows users to clone, browse, and fork any repository. Additionally, they are able to browse all repository contents such as source codes, commits, pull requests, etc. As an admin, I would like to have more granularity with the READ permission, especially in browse options. For example, my requirement is:

"Allow any user with READ permission to be able to see via the Jira ticket which branches the code has been merged to but they shouldn't be allowed to view the source code"

The reason why we need this functionality is due to in the past we have allowed this and it end's up with Testers and some others trying to suggest code fixes as opposed to testing or just reporting back on progress. This was available with Subversion and Fisheye. We are in the process of moving from Subversion to Bitbucket/Git and this is seen as a loss of functionality.

Suggested Solution

1. Add options on which actions a user with READ permission can do from Project/Repository. For example, clone, browse, or fork.
2. For browse, add options on which information the user can view. For example, source codes, commits, pull requests, branches, etc.