h759bkyo4/Documentation
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

permissions for repo and org

Browse source
This commit is contained in:
Ivan Calandra 2020-10-15 10:46:57 +02:00
parent 2a7ceacdb3
commit ca0d41948f
3 changed files with 112 additions and 120 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

126
content/collaborating/create-organization.md
View file

@ -100,7 +100,6 @@ Click the green `+ New Team` to create a new team. Define its name, permissions
You can choose whether members of the team can only access some repositories explicitly added to the team, or whether they can access all repositories of the organziation.
You can also allow members to be able to create new repositories for the organization.
If you have allowed repository administrators to grant or remove access for teams (see [Create an Organization](#create-orga) above), they can do so in `Settings > Collaborators` tab of the repository.
<a name="sections"></a>
If you choose either `Read` or `Write` access, you can additionally define which sections of the repositories (code, issues, pull requests, releases and wiki) the members will have (read or write) access to. On the other hand, `Administrator` access automatically grants read and write access to all sections; this part of the form is therefore hidden in this case.
See the section [Access rights](#access-rights) below for details.
@ -138,124 +137,13 @@ Finally, you can choose to leave the organization from here.
<a name="access-rights"></a>
## Access rights
The table below gives an overview of the permission system for organizations based on teams:
An overview of the repository permissions in given in the article [Repository Permissions](/collaborating/repo-permissions).
<table>
<caption style="caption-side:bottom; text-align:left">
* Access to specific <a href="#sections">sections</a> can be restricted by owners.
</caption>
<thead>
<tr>
<th rowspan="2" style="vertical-align:bottom"> Task </th>
<th colspan="3" style="text-align:center"> Other Teams </th>
<th rowspan="2" style="text-align:center; vertical-align:top"> Team "Owners" </th>
</tr>
<tr>
<th> Read access </th>
<th> Write access </th>
<th> Admin access </th>
</thead>
<tbody>
<tr>
<td> View, clone and pull team repository </td>
<td> <i class="fas fa-check" style="color: green"></i> * </td>
<td> <i class="fas fa-check" style="color: green"></i> * </td>
<td> <i class="fas fa-check" style="color: green"></i> * </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
</tr>
<tr>
<td> Contribute pull requests </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
</tr>
<tr>
<td> Push to/update contributed pull requests </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
</tr>
<tr>
<td> Push directly to team repository </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
</tr>
<tr>
<td> Merge pull requests </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
</tr>
<tr>
<td> Moderate/delete issues and comments </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
</tr>
<tr>
<td> Force-push/rewrite history (if enabled) </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
</tr>
<tr>
<td> Add/remove collaborators to team repository </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
</tr>
<tr>
<td> Configure team repository settings (enable wiki, issues, PRs, update profile) </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
</tr>
<tr>
<td> Configure branch settings (protect/unprotect, enable force-push) </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
</tr>
<tr>
<td> Edit team repository settings from the Danger Zone (transfer ownership, delete wiki data and repository, and archive repository) </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
</tr>
<tr>
<td> Edit/delete organization </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
</tr>
<tr>
<td> Add/remove team or member </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
</tr>
<tr>
<td> Define access rights of teams </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
</tr>
</tbody>
</table>
Members of the "Owners" team can do everything that admins can do. But only owners of the organization can manage the organization, which includes:
- edit/delete the organization,
- add/remove members and teams,
- define access rights of teams,
- edit organization repository settings in the danger zone (i.e. transfer ownership, delete wiki data and repository, and archive repository).
When owners allow members of a team to be able to create new repositories for the organization (see box "Create repositories" in [Teams](#teams) settings), the member who creates the repository will be granted administrator rights for this repository, that is, editing all settings of the repository except those in the `Danger Zone` (transfer ownership, delete wiki data and repository, and archive repository). The member will be added as a collaborator to this repository (see [Invite Collaborators](/collaborating/invite-collaborators) for details).
When owners allow members of a team to be able to create new repositories for the organization (see box "Create repositories" in [Teams](#teams) settings), the member who creates the repository will be added as a collaborator with administrator rights to this repository (see [Invite Collaborators](/collaborating/invite-collaborators) for details).

2
content/collaborating/invite-collaborators.md
View file

@ -27,7 +27,7 @@ Then navigate to the `Collaborators` tab and search for the user you want to add
<img src="/assets/images/collaborating/invite-collaborators/add-collaborator.png" alt="add-collaborator">
</picture>
Once added, you can define the access rights by clicking on the shield: `Read` (can see but not edit), `Write` (can see and edit) or `Administrator` (can do everything!). This is also where you can remove collaborators.
Once added, you can define the access rights by clicking on the shield: `Read`, `Write` or `Administrator` (see [Repository Permissions](/collaborating/repo-permissions) for details). This is also where you can remove collaborators.
<picture>
<source srcset="/assets/images/collaborating/invite-collaborators/collaborator-rights.webp" type="image/webp">

104
content/collaborating/repo-permissions.md Normal file
View file

@ -0,0 +1,104 @@
---
eleventyNavigation:
key: RepoPerm
title: Repository Permissions
parent: Collaborating
order: 50
---
When you invite collaborators to join your repository (see [Invite Collaborators](/collaborating/invite-collaborators)) or when you create teams for your organization (see [Create and Manage an Organization](/collaborating/create-organization)), you have to decide what each collaborator/team is allowed to do.
There are four permission levels: Read, Write, Administrator and Owner.
The owner is the one who created the repository, or, in case of an organization, all members of the team "Owners" (which by default includes the creator of the organization).
The table below gives an overview of what collaborators/teams are allowed to do when granted each of these permission levels:
<table>
<thead>
<tr>
<th> Task </th>
<th> Read </th>
<th> Write</th>
<th> Admin </th>
<th> Owner </th>
</thead>
<tbody>
<tr>
<td> View, clone and pull repository </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
</tr>
<tr>
<td> Contribute pull requests </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
</tr>
<tr>
<td> Push to/update contributed pull requests </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
</tr>
<tr>
<td> Push directly to repository </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
</tr>
<tr>
<td> Merge pull requests </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
</tr>
<tr>
<td> Moderate/delete issues and comments </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
</tr>
<tr>
<td> Force-push/rewrite history (if enabled) </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
</tr>
<tr>
<td> Add/remove collaborators to repository </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
</tr>
<tr>
<td> Configure branch settings (protect/unprotect, enable force-push) </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<tr>
<td> Configure repository settings (enable wiki, issues, PRs, update profile) </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
</tr>
<tr>
<td> Configure repository settings in the danger zone (transfer ownership, delete wiki data / repository, archive repository) </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-times" style="color: red"></i> </td>
<td> <i class="fas fa-check" style="color: green"></i> </td>
</tr>
</tr>
</body>
</table>