Permissions define what users can and cannot do in the project. There are two default permission roles in Buddy:
- Developer - user can view, add, edit and remove all elements in the project
- Read-only - users can view and comment on all elements in the project, but cannot add new or edit and remove existing ones
Permissions are assigned per-project, meaning a user can have different permissions across several projects. Admins and the workspace owner always have full access to all parts of the service. Users automatically added to new projects are assigned Developer permissions by default.
How to create custom permission sets?
Custom permissions allow for more scrupulous control over your workspace. For example, you can hide pipelines and leave read-only access for your repository if you want to show your code to the client.
- Go to Dashboard → Workspace Preferences at top navi-bar
- Select Permissions and click Create a new permission, top-right
- Provide name, description (optional) and define scopes of access
- Click Save changes to confirm and add the new permissions to the list
Scopes of access in custom permissions
Source permissions define how much control a user will get in the repository:
- Read-only – user can browse the repository and comment on commits
- Read & write – user can view, add, edit and remove all elements in the repository and comment on commits
If you want to restrict write permissions to a specific branch you can use push permissions.
Pipeline permissions define how much control a user can get over pipelines (deployments):
- Denied - user has no access to the Pipelines tab
- View-only - user can view and comment on pipelines
- Run-only – user can run pipelines but cannot add, edit or remove them
- Manage – user has full R/W control over pipelines
You can also hide a pipeline from specific users and groups using Visibility settings at the pipeline view.