Only allow specific developers access to certain files?

Hi,

Is it possible to allow developers on my project access only to the files they are allowed to work on? i.e. in the repository the whole project would include front end client side code, back end server side code, database configs and other files. Can I set things so e.g. the front end developers only have access to their front end code and not the back end server code etc that others are working on? (i.e. they should even be able to read other code).

I know that GitLab allows various security settings on repositories as listed here: https://about.gitlab.com/2014/11/26/keeping-your-code-protected/ but this doesn’t seem to cover my scenario above.

Many thanks,
Alex

3 Likes

You are not even clearly stating if what you want is for someone to have PARTIAL ACCESS to a SINGLE GIT REPO (impossible) or if you want to have different users have different repo access (possible).

Selective access to folders and files is POSSIBLE in some tools (SUBVERSION) and IMPOSSIBLE in a DVCS like GIT.

The granularity of access is THE ENTIRE REPOSITORY.

You want to keep back end separate from front end? TWO REPOS.

You don’t trust your devs enough to let them read the other side of the app and you want to hide it? Your call. Not typically a good sign for your company though.

Warren
[Not a representative of anybody, just a random Internet community member]

Yes, sorry it’s different access levels within the same repo. So looks like I’ll have to split the front and back end between repos. Nature of the project is we’re using random devs from around the world who we don’t know so we need to be a little careful in giving someone full access to the entire project code as people can unfortunately take your entire codebase and set up a competitor with it!
Thanks for your input.

Hmm. Yes, if all your devs are lowest-bidder-contractors then you may want to keep it split up like that.

Good luck with that. :slight_smile:

W

GitHub has this feature now (or similar):

So seems possible… partially :slight_smile:

Does it mean highly paid employees don’t mess with data.
Do read some history …
It’s a best practice always to isolate environment data …

1 Like
  1. Single folder/file access is very necessary. Most of people use freelancers, so, we need to be careful. The world don’t consist only with honest employees… Even, there are cases when I want to just share one file to someone for a moment…

  2. Will this be ever implemented here on GitLab as it’s on GitHub (link provided in last comment)?

3 Likes

Yes, such a feature will be very useful, as with increasing number of micro-services projects, each folder could potentially become a Microservices or a module which should be controlled by a owner across limited number of developer

Even Google maintains their repo in this way with a Tree kind of folder structure, where each folder is owned and controlled by a specific owner, while all their employees continue to be maintaining a single Repo (monorepo)

Please consider adding this to your roadmap

5 Likes

Great question. Thank you. I have the same scenario … all company code is in a single repo but I don’t want every contractor to see everything. Got nothing to do with lowest bidder.

Sometimes, in case, your developers needs to change the configuration on the local environment, but you don’t want them to commit, it could have been ignored but there are some default values to be populated.
SO you just want them to avoid comminting changes they have made locally, but recieve changes if any made explicitly, to put it simple one-way-update.