Closed thisandagain closed 9 years ago
ran into this today, too -- read and write permissions for all private data and repos is definitely too wide, but it also sets us up for a potentially hairy legal situation, if people have access to organizational repos that they are only allowed access to due to NDAs. No matter how nice we are, Mozilla should probably not even know those repos exist =)
tested @davidascher's updated perms app: looks to be asking for the right permissions.
done
Original issue: https://github.com/MozillaFoundation/plan/issues/202