Self hosted Bitbucket persmission - bitbucket-server

So,
I am evaluating Bitbucket from Atlassian on a self hosted server and I've got this problem, if I don't give access to a repo the logged user can't see the repo, but
he can clone it using smartgit for example if he knows the link; probably I am doing something wrong but for my needs this is a security problem.
Any idea why this is happening?
cheers

This definitely shouldn't happen, and I'm sure there's a good explanation. Your best would be to contact our support team at support.atlassian.com and we can help you out.

Related

how to allow 3rd party to create repo (repo transfer) in our Org without let them see our private repo?

We have hired a 3rd party to work on a project, we started by not creating any Repo on our Github, but they started with their Repo. So now it's time to transfer the repo. However, in order to transfer the repo, the developer is asking permission to create a Repo in our Org... but as far as I know, I can only invite him first as a collaborator, a member, before he can create any private repo in our Org... that means he can see our other repo...
I couldn't find any good answer online, please help. Thanks!
Have you tried using Github's Organization features? You can create an organization with your team members in it, and control who has access to what.
Here's a Github page that explains a bit more about how it works.
Do not add them as a member to your Org! (this is the only option today from Github, nor owners...of course). If you do so, this will give your external developer access to all of your repos.
The only way I found you can safely invite an external user is to create a Repo first, then add them in that Repo. By doing that, they will be invited only to that repo, and have no access to the others.
This is my workaround. If you have a better solution, please do comment. I am curious how the "transfer" feature works.

Github API Repository permissions

I have a crazy complicated authentication process that I'm trying to wrap my brain around with this and I just need to be pointed in the right direction. I am building a website for Startup Weekend and we are trying to incorporate github repository management and don't know where to start. In it's simple form I need to give permissions for the website to access my github repo, then the website will allow another person (who is logged in with github) to be able to modify and push the code back up.
The simple way to do it is through adding that person outside of the site to the repository. However, it would be really cool if the site was able to manage it. Is this even possible to do? My closest assumption is pulling the code through the API, allowing a person access to the repo that is now downloaded, and then doing a merge through the API.
Would someone be able to point me in the right direction so we can win this thing! (If no one is able to answer I will keep digging and answer it for other people.) Thanks in advance!
The GitHub OAuth API page is a good start.
You can see it used in a project like thephpleague/oauth2-client in Provider/GithubTest.php.

Check-in using GitHub

I am checking out code using GitHub client for Windows. When I press "clone" button in browser, it looks like I have a local copy. However, there are a few files that GitHub is asking me to commit. Now, I have not even made any changes to anything on my local. So why is it asking me to "commit"?
Can anyone tell me why I am facing this problem. Also, are there any good GitHub tutorials to follow?
Thanks in advance,
There is a great github tutorial here, that should get you started with the basics: http://rogerdudler.github.io/git-guide/.

github: Not sure what it means to add #personname on the body of the issue

Someone asked me to do this: create an issue on your repository and add our Github handles to the issue body (#name1 and #name2) so we can review your submission.
I used the github software on windows7 and uploaded my source, then went to github.com and created an issue, and then added the above to what I believe is the "issue body."
I believe I've done it correctly, but given github's wierd lingual and it's unintuitive use, I have some doubts. I even had issue signing up an account with them as it gave no errors what was wrong. needless to say, github has been really irritating.
Please see this image and let me know if this is done correctly:
https://drive.google.com/file/d/0BxTAvARlh78dbXJGckRzS01oNVk/edit?usp=sharing
Thank you.
See #mentions on Github (which I believe is what you want):
https://github.com/blog/957-introducing-issue-mentions
https://github.com/blog/821

Is there a way to give someone access GitHub issues without giving them read access to the source code?

We have a GitHub organization setup with private repositories. We would like to give a few of our beta testers access to add and comment on issue but we don't want to give them access to the source code. Is there a way to do this?
I don't believe this is possible, due to the way issues are directly linked to commits.
See here:
https://help.github.com/articles/issues-only-access-permissions
Indeed you can do what you want to achieve, you just need to have a second repository for that purpose.