Open bennysp opened 6 years ago
I'm not understanding what operation you can not currently do. Worst case, you create a team "all org members" and repo admins can grant that team write permissions as needed.
There are various scripts for automating the maintenance of such a team.
@hwine Sorry for the confusion. Some of the teams would like to "lock down" to not even read their repository. Since the default we set in the organization is set to read, how can a repo admin remove this default and override it?
In other words, they want to lock down to just their team with no one else in the org having the ability to read their repo, even though we have read set as the default in the org.
@bennysp you get that by making the repo private.
@hwine in a Github organization, all our repos are "private". But internally, they are all readable.
I should have clarified, this is Github Business, so I apologize for the confusion.
No worries -- I think you're at the "use teams" solution then, perhaps with some automation to support your (new) workflow.
Yeah. I was really hoping there could be something like this...
Read --> Override Default --> Allow _____ group
vs
Read --> No default --> Allow everyone group (through manual or automated workflow)
Concern is that by not having the Read default, I don't think a lot of our repo admins will "remember" to add the team everyone.
I think that is where you are saying we build some workflow automation into how a repo could get created and this would happen by default then. I appreciate the idea on a workaround to the problem, but I guess I would like to see if there is anyway to get this override ability as some type of feature request?
I have also logged this request to our account rep at github.com.
We would like to be able to have the Org level permission default to "read", but give the Repo admins the ability to remove the default permission so that they can control the permissions if absolutely necessary.
At the organization level, maybe they would have a checkbox that says something like "allow repo admins to override default permissions" and "allow github org owners to override default permissions".