As a repository administrator it can be hard to know who has access to your repository and what level of access, because implicit project permissions (and global permissions) are only visible in other parts of the Stash interface (the respective project and global permission pages). Furthermore, the repository admin may not have access to these pages to discover this information. It would be nice if the implicit permissions were displayed somehow on the repository permissions page.

Originally split from STASH-3508

In general, having both project and repo permissions is confusing because I have to look at two screens to understand what is going on. But, it's also very useful to be able to set defaults.

You could solve this very easily by making implicit project permissions show up automatically on the repo permission list. Perhaps they could be faded to indicate that these permissions are inherited, and they wouldn't have an 'x' button to remove them.

If the UI did this, I could look at the repo screen and see exactly who has access to the repo and who does not. Also, a repo admin could very easily check and uncheck boxes on the repo screen, expanding or restricting project permissions as he/she chooses.

This is more powerful than what the current UI allows, and I think it's more intuitive. There is one simple rule to remember: look at the repo screen to see who can access your repo.

One final corner case: if a project permission is deleted, then the corresponding repo permission should go away if it still corresponds to the default. If the repo admin has restricted or expanded it, the explicit change should stay on the repo to reflect the repo admin's intent.

Workaround

The not-aggregated information can be retrieve by using the Bitbucket Server REST APIs:

• The permissions set at global level can be accessed with this call
• The permissions set at project level can be retrieved with this call
• For the permissions at repositories level use this one.