Ability for organization members to create repositories but with reduced inherited permission #18273
Description
Feature Description
Presently, within TEAM setting of an organization there is the ability to grant team members the ability to create repositories within an organization. However, this grants them admin access to that repository and with that comes two rights which having some additional control over would be beneficial.
-
The ability to add collaborators. In the event that a user is a RESTRICTED user for some reason, having "random" users add them to an organization repository can cause some problems
-
The ability accept a PullRequest regardless of the the number of approvers that have been selected as part of branch protect.
Adding collaborators should be an organization consideration in as far as, if a member is not part of the organization, they can't be added to a repository. This might mean a staging TEAM (no read access) is required to permit users pick from a list of organization member's
Restricting an admin from merging a PULL REQUEST is to stop accidental bypass of a valid signoff step while still permitting users to have admin rights for other housekeeping activities. As admin of an org/repo they will inherit the right to go in and change the permissions of a repository to permit admin forcing merge, but this is now a conscious choice (maybe due to people AFK) rather than accidental
Screenshots
No response