Controlling access to code

Bitbucket Server provides the following types of permissions to allow fully customizable control of access to code.

Note that you can also:

Global permissions

Control user and group access to Bitbucket Server projects and to the Bitbucket Server instance configuration. For example, these can be used to control the number of user accounts that can access Bitbucket Server for licensing purposes.

See Global permissions.

Project permissions

Apply the same access permissions to all repositories in a project. For example, these can be used to define the core development team for a project.

See Using project permissions.

Repository permissions

Extend access to a particular repository for other, non-core, users. For example, these can be used to allow external developers or consultants access to a repository for special tasks or responsibilities.

See Using repository permissions.

Branch permissions

Control commits to specific branches within a repository. For example, these can provide a way to enforce workflow roles such as the Release Manager, who needs to control merges to the release branch.

See Using branch permissions.

Permissions matrix

The table below summarizes the cumulative effect of the permissions described above for anonymous and logged in users. In general, repository permissions override project permissions. A personal project can not be made public.

Key

Permission Effect
BROWSE Can view repository files, clone, pull to local
READ Can browse, clone, pull, create pull requests, fork to a personal project
WRITE Can merge pull requests
ADMIN Can edit settings and permissions
Global
(logged in) 
Project Repository Branch Effective permission
(error) Personal Personal NA No access
(error) Personal Public access NA BROWSE just that repo
(error) No access No access NA No access
(error) No access Public access NA BROWSE just that repo
(error) Public access Public access NA BROWSE all repos in project
(tick) Personal Personal NA No access
(tick) Personal Public access NA READ just that repo
(tick) No access No access NA No access
(tick) No access Public access NA READ just that repo
(tick) Public access No access NA READ all repos in project
(tick) Public access Public access NA READ
(tick) Public access Public access For this user READ that branch, no WRITE
(tick) No access READ NA READ just that repo
(tick) Public access READ NA READ just that repo
(tick) READ No access NA READ all repos in project
(tick) READ Public access NA READ all repos in project
(tick) READ READ NA READ all repos in project
(tick) READ No access For this user READ that branch, no WRITE
(tick) No access WRITE NA WRITE just that repo
(tick) Public access WRITE NA WRITE just that repo
(tick) WRITE No access NA WRITE all repos in project
(tick) WRITE WRITE NA WRITE all repos in project
(tick) WRITE WRITE For other users WRITE to other branches only
(tick) ADMIN     Can edit settings and permissions
Last modified on Nov 27, 2017

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.