Specific permissions structure

Hello, I have a fairly complex permissions question. What I would love to have is:

  1. all users in my work group to be able to read/write to all our various repos, while maintaining a protected master branch
  2. external collaborators read access only on specific repos
    Is this possible with the current permissions structures?

The fairly complex setup you describe is supported for quite some time now, probably from version 5 where teams were dropped in favor of groups, but I don’t really remember.

So yes. You can have a group and add users with different access levels and you can also add people to specific repos without being group members.

Read about permissions here http://doc.gitlab.com/ce/permissions/permissions.html

Certainly I’m aware of this option.

The one additional caveat that perhaps was not clear is that I want all repos to be visible to everyone in my group, i.e. disallow private repos.

Obviously this is akin to the “internal” setting, but that would allow external collaborators to see all repos just by logging in.

If I restrict the number of allowed repos to zero, then I could force all repos to be within the group, but the only people that could create new repos would have to have the “master” status. This is not ideal because I’d like to keep the ability to protect the master branch.

In my mind what would be ideal is if I could allow the developers access level to create repos in a group.

Additionally it would be better if the users who are “internal” can maintain their user namespace for their repositories (while still keeping them visible to other users who are “internal”).