-
-
Notifications
You must be signed in to change notification settings - Fork 5.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Organizations: compromise team read access by another team with write access #3135
Closed
2 of 7 tasks
Labels
type/enhancement
An improvement of existing functionality
Milestone
Comments
Yes it's current limitation for our right system. Permissions and units are not directly related. Permissions are for repository not for units selected below. Units allow to disable/enable parts of repository. |
@lafriks but we in fact could do that. Maybe need a PR. |
@lunny yes we can :) |
should be fixed by #5314 |
Please feel free to reopen. |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
[x]
):Description
Steps, how I noticed this:
My intention was to create a team which has read access on code, issues, pull requests and releases and write access on wiki, but I noticed I can't do this in one team, so I thought teams are more like access roles and I can define multiple, with different rights and add the users to all of this teams (am I wrong on this?). So I do the steps as described above and found this weird behavior.
Even if I understand the rights management completely wrong, it shouldn't be possible to compromise the rights of one team, by creating another one with the same member, especially not when team one gives access to different parts of the repository as team two.
The text was updated successfully, but these errors were encountered: