Uploaded image for project: 'Bitbucket Data Center'
  1. Bitbucket Data Center
  2. BSERV-7346

Permissions audit: allow project admin to review effective permissions for a particular user

XMLWordPrintable

    • 39
    • We collect Bitbucket feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      Atlassian status as of Oct 2022

      Hi everyone,

      I'm happy to announce that in Bitbucket Data Center 8.5 we have completely redesigned repository/project permission page. Repository admins can see not only users with direct permissions, but also users who have access because of permissions assigned on project/global level. For example, if user has read permission for a repository, but also has write permissions for the project, then repository admin will be able to see both permissions in the list. This feature will help repository admins to identify effective permissions of specific users much easier. 

      Cheers,
      Anton Genkin
      Product Manager - Bitbucket Data Center

      Origin

      I have a project with some sensitive repositories and a non-sensitive respository. I need to provide read access to the non-sensitive repository to a user, but he needs to NOT have access to the sensitive repositories.

      I got this working, but only after accidentally opening the project up to any logged-in user, and I did not realize this until I was able to request a test user to be created so I could log in as the test user and see what repositories were accessible.

      The permissions management would be a LOT easier to verify if you could just see what a particular user sees.

              Unassigned Unassigned
              10a9d3476bdf Jason Sachs
              Votes:
              8 Vote for this issue
              Watchers:
              11 Start watching this issue

                Created:
                Updated:
                Resolved: