permissions for repo and org
This commit is contained in:
parent
2a7ceacdb3
commit
ca0d41948f
|
@ -100,7 +100,6 @@ Click the green `+ New Team` to create a new team. Define its name, permissions
|
|||
You can choose whether members of the team can only access some repositories explicitly added to the team, or whether they can access all repositories of the organziation.
|
||||
You can also allow members to be able to create new repositories for the organization.
|
||||
If you have allowed repository administrators to grant or remove access for teams (see [Create an Organization](#create-orga) above), they can do so in `Settings > Collaborators` tab of the repository.
|
||||
<a name="sections"></a>
|
||||
If you choose either `Read` or `Write` access, you can additionally define which sections of the repositories (code, issues, pull requests, releases and wiki) the members will have (read or write) access to. On the other hand, `Administrator` access automatically grants read and write access to all sections; this part of the form is therefore hidden in this case.
|
||||
See the section [Access rights](#access-rights) below for details.
|
||||
|
||||
|
@ -138,124 +137,13 @@ Finally, you can choose to leave the organization from here.
|
|||
|
||||
<a name="access-rights"></a>
|
||||
## Access rights
|
||||
The table below gives an overview of the permission system for organizations based on teams:
|
||||
An overview of the repository permissions in given in the article [Repository Permissions](/collaborating/repo-permissions).
|
||||
|
||||
<table>
|
||||
<caption style="caption-side:bottom; text-align:left">
|
||||
* Access to specific <a href="#sections">sections</a> can be restricted by owners.
|
||||
</caption>
|
||||
<thead>
|
||||
<tr>
|
||||
<th rowspan="2" style="vertical-align:bottom"> Task </th>
|
||||
<th colspan="3" style="text-align:center"> Other Teams </th>
|
||||
<th rowspan="2" style="text-align:center; vertical-align:top"> Team "Owners" </th>
|
||||
</tr>
|
||||
<tr>
|
||||
<th> Read access </th>
|
||||
<th> Write access </th>
|
||||
<th> Admin access </th>
|
||||
</thead>
|
||||
<tbody>
|
||||
<tr>
|
||||
<td> View, clone and pull team repository </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> * </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> * </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> * </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td> Contribute pull requests </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td> Push to/update contributed pull requests </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td> Push directly to team repository </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td> Merge pull requests </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td> Moderate/delete issues and comments </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td> Force-push/rewrite history (if enabled) </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td> Add/remove collaborators to team repository </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td> Configure team repository settings (enable wiki, issues, PRs, update profile) </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td> Configure branch settings (protect/unprotect, enable force-push) </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td> Edit team repository settings from the Danger Zone (transfer ownership, delete wiki data and repository, and archive repository) </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td> Edit/delete organization </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td> Add/remove team or member </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td> Define access rights of teams </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
</tr>
|
||||
</tbody>
|
||||
</table>
|
||||
Members of the "Owners" team can do everything that admins can do. But only owners of the organization can manage the organization, which includes:
|
||||
- edit/delete the organization,
|
||||
- add/remove members and teams,
|
||||
- define access rights of teams,
|
||||
- edit organization repository settings in the danger zone (i.e. transfer ownership, delete wiki data and repository, and archive repository).
|
||||
|
||||
When owners allow members of a team to be able to create new repositories for the organization (see box "Create repositories" in [Teams](#teams) settings), the member who creates the repository will be granted administrator rights for this repository, that is, editing all settings of the repository except those in the `Danger Zone` (transfer ownership, delete wiki data and repository, and archive repository). The member will be added as a collaborator to this repository (see [Invite Collaborators](/collaborating/invite-collaborators) for details).
|
||||
When owners allow members of a team to be able to create new repositories for the organization (see box "Create repositories" in [Teams](#teams) settings), the member who creates the repository will be added as a collaborator with administrator rights to this repository (see [Invite Collaborators](/collaborating/invite-collaborators) for details).
|
||||
|
||||
|
|
|
@ -27,7 +27,7 @@ Then navigate to the `Collaborators` tab and search for the user you want to add
|
|||
<img src="/assets/images/collaborating/invite-collaborators/add-collaborator.png" alt="add-collaborator">
|
||||
</picture>
|
||||
|
||||
Once added, you can define the access rights by clicking on the shield: `Read` (can see but not edit), `Write` (can see and edit) or `Administrator` (can do everything!). This is also where you can remove collaborators.
|
||||
Once added, you can define the access rights by clicking on the shield: `Read`, `Write` or `Administrator` (see [Repository Permissions](/collaborating/repo-permissions) for details). This is also where you can remove collaborators.
|
||||
|
||||
<picture>
|
||||
<source srcset="/assets/images/collaborating/invite-collaborators/collaborator-rights.webp" type="image/webp">
|
||||
|
|
104
content/collaborating/repo-permissions.md
Normal file
104
content/collaborating/repo-permissions.md
Normal file
|
@ -0,0 +1,104 @@
|
|||
---
|
||||
eleventyNavigation:
|
||||
key: RepoPerm
|
||||
title: Repository Permissions
|
||||
parent: Collaborating
|
||||
order: 50
|
||||
---
|
||||
|
||||
When you invite collaborators to join your repository (see [Invite Collaborators](/collaborating/invite-collaborators)) or when you create teams for your organization (see [Create and Manage an Organization](/collaborating/create-organization)), you have to decide what each collaborator/team is allowed to do.
|
||||
|
||||
There are four permission levels: Read, Write, Administrator and Owner.
|
||||
The owner is the one who created the repository, or, in case of an organization, all members of the team "Owners" (which by default includes the creator of the organization).
|
||||
|
||||
The table below gives an overview of what collaborators/teams are allowed to do when granted each of these permission levels:
|
||||
|
||||
<table>
|
||||
<thead>
|
||||
<tr>
|
||||
<th> Task </th>
|
||||
<th> Read </th>
|
||||
<th> Write</th>
|
||||
<th> Admin </th>
|
||||
<th> Owner </th>
|
||||
</thead>
|
||||
<tbody>
|
||||
<tr>
|
||||
<td> View, clone and pull repository </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td> Contribute pull requests </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td> Push to/update contributed pull requests </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td> Push directly to repository </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td> Merge pull requests </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td> Moderate/delete issues and comments </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td> Force-push/rewrite history (if enabled) </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td> Add/remove collaborators to repository </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td> Configure branch settings (protect/unprotect, enable force-push) </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<tr>
|
||||
<td> Configure repository settings (enable wiki, issues, PRs, update profile) </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td> Configure repository settings in the danger zone (transfer ownership, delete wiki data / repository, archive repository) </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-times" style="color: red"></i> </td>
|
||||
<td> <i class="fas fa-check" style="color: green"></i> </td>
|
||||
</tr>
|
||||
</tr>
|
||||
</body>
|
||||
</table>
|
Loading…
Reference in a new issue