[BSERV-7118] restrict ability to delete branches to REPO_ADMIN - Create and track feature requests for Atlassian products.

Type: Suggestion
Resolution: Duplicate
Fix Version/s: None
Component/s: API - REST, UI
Labels:
None

Feedback Policy:

We collect Bitbucket feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

In order to protect maintenance and release branches in Stash from being deleted via git push using refspecs, we used the ref-change-settings plugin. This restricted the ability to delete branches only to administrators.

Unfortunately, with release 2.8, Stash offers anyone with the REPO_WRITE permission on a repository to delete any branch in that repository from the Branches tab in the Stash UI. (see ~~STASH-3347~~).

This was followed by the new REST API offered by the Branch Utilities Plugin, which also allowed anyone with the REPO_WRITE permission on a repository to delete any branch in that repository.

The ref-change-settings plugin does not get called here and thus cannot help us protect these branches anymore.

It would be a good idea to restrict such destructive actions (as was the intent of the ref-change-settings plugin) to a smaller group of people (e.g. people with the REPO_ADMIN permission)

duplicates

BSERV-2507 Add permission to disable branch and tag deletion via git push

Closed

Form Name

Loading...

Type: Suggestion
Resolution: Duplicate
Fix Version/s: None
Component/s: API - REST, UI
Labels:
None

Feedback Policy:

We collect Bitbucket feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

In order to protect maintenance and release branches in Stash from being deleted via git push using refspecs, we used the ref-change-settings plugin. This restricted the ability to delete branches only to administrators.

Unfortunately, with release 2.8, Stash offers anyone with the REPO_WRITE permission on a repository to delete any branch in that repository from the Branches tab in the Stash UI. (see ~~STASH-3347~~).

This was followed by the new REST API offered by the Branch Utilities Plugin, which also allowed anyone with the REPO_WRITE permission on a repository to delete any branch in that repository.

The ref-change-settings plugin does not get called here and thus cannot help us protect these branches anymore.

It would be a good idea to restrict such destructive actions (as was the intent of the ref-change-settings plugin) to a smaller group of people (e.g. people with the REPO_ADMIN permission)

duplicates

BSERV-2507 Add permission to disable branch and tag deletion via git push

Closed

Assignee:: Unassigned

Reporter:: george thomas

Votes:: 1 Vote for this issue

Watchers:: 7 Start watching this issue

Created:: 25/Feb/2015 4:26 AM

Updated:: 19/Sep/2019 5:50 AM

Resolved:: 03/Mar/2015 3:19 PM

Details

Description

Attachments

Issue Links

Forms

Activity