Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Change permission from organization default #57

Open
bennysp opened this issue May 25, 2018 · 7 comments
Open

Change permission from organization default #57

bennysp opened this issue May 25, 2018 · 7 comments
Labels
OSPO

Comments

@bennysp
Copy link

bennysp commented May 25, 2018
edited
Loading

We would like to be able to have the Org level permission default to "read", but give the Repo admins the ability to remove the default permission so that they can control the permissions if absolutely necessary.

At the organization level, maybe they would have a checkbox that says something like "allow repo admins to override default permissions" and "allow github org owners to override default permissions".
@hwine
Copy link

hwine commented Jun 5, 2018

I'm not understanding what operation you can not currently do. Worst case, you create a team "all org members" and repo admins can grant that team write permissions as needed.

There are various scripts for automating the maintenance of such a team.

@bennysp
Copy link
Author

bennysp commented Jun 6, 2018
edited
Loading

@hwine
Sorry for the confusion. Some of the teams would like to "lock down" to not even read their repository. Since the default we set in the organization is set to read, how can a repo admin remove this default and override it?

@bennysp
Copy link
Author

bennysp commented Jun 6, 2018

In other words, they want to lock down to just their team with no one else in the org having the ability to read their repo, even though we have read set as the default in the org.

@hwine
Copy link

hwine commented Jun 6, 2018

@bennysp you get that by making the repo private.

@bennysp
Copy link
Author

bennysp commented Jun 7, 2018

@hwine in a Github organization, all our repos are "private". But internally, they are all readable.

I should have clarified, this is Github Business, so I apologize for the confusion.

@hwine
Copy link

hwine commented Jun 7, 2018

No worries -- I think you're at the "use teams" solution then, perhaps with some automation to support your (new) workflow.

@bennysp
Copy link
Author

bennysp commented Jun 9, 2018

Yeah. I was really hoping there could be something like this...

Read --> Override Default --> Allow _____ group

vs

Read --> No default --> Allow everyone group (through manual or automated workflow)

Concern is that by not having the Read default, I don't think a lot of our repo admins will "remember" to add the team everyone.

I think that is where you are saying we build some workflow automation into how a repo could get created and this would happen by default then. I appreciate the idea on a workaround to the problem, but I guess I would like to see if there is anyway to get this override ability as some type of feature request?

I have also logged this request to our account rep at github.com.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
OSPO
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@hwine @bennysp @jeffmcaffer