Permissions for repositories are applied at two levels: first, at the Project level, and then followed by per-repository path authorization.
Permissions at the Project level is managed through your project's Settings (followed by Permissions) page.
Repository level path permissions are managed through each repository's Path Based Permissions settings page:
Before you can define a path permission for a user, you will need to ensure that the user has the appropriate permission at the project level first.
For e.g. if you would like the user mydev to only be able to read and write to the path /myapp on your repository, you will need to permission mydev as a Writer at the project level first, before granting that user specific path based permissions.
Each section defines authorizations for a path, and then the authorisations follow. Each authorisation line can refer to:
Followed by a permission type:
For example, the following settings will grant read access to user alice and read/write access to user bob but denies access to john for the path /myapp:
[/myapp] alice = r bob = rw john =
To define groups in your path authorisation settings, you need to use a special section called groups, and reference them using the notation @groupname
For example, the following defines a group called devs made up by alice and bob:
[groups] devs = alice, bog
And the following grants the devs group read/write access to the path /myapp:
[/myapp] @devs = rw
The simplest setting you can have is to allow all permissions to be handled at the project level:
* = rw
Remember that permissions are applied at the project level first, and the setting above essentially says: grant all permissioned users the exact same access level that has been granted to them at the project level.
If you'd like to restrict certain users to certain paths, you will need to grant them explicit authorisations.
The example below gives bob access to the whole repository, except for the /tags path:
[/tags] bob = [/] * = rw
If you want to get more control on access granted to each user, then you need to amend the final wildcard entry and define permissions for each user.
The example below gives bob read access to /app1 only, and gives alice read/write access to /app1 and /app2. bob will need to be granted permission as a Reader at the project level, and alice as a Writer:
[/app1] alice = rw bob = r [/app2] alice = rw [/] * =
If you need any help with your repository's path permissions, please do raise a ticket
Feel free to contact us if you need any assistance.