[Feature request] Users groups and projects permissions

[AdrienLemaire]

Hi,

Did you envisage the possibility to create group of users and restrict access to some projects ?

Because my projects are private (had to create an ssh key for barkeep and git clone from the directory, not possible to add private repos from the interface unfortunately), I wouldn't like if anybody who oauth on barkeep gets access to those projects.

I'd like to have a "Authorized Users" group, and those users only could access my private repo.

I hope my request makes sense, and that it wouldn't be to complicated to implement.

Thanks for your hard work !

[AdrienLemaire]

For the moment, I'll add a website protection on top of barkeep (kind of defeats the purpose of oauth). Having groups will make it better.

[cespare]

@Fandekasp Would having a user whitelist (#361) or a domain whitelist (#207) solve your use case?

[AdrienLemaire]

If I understand, the user whitelist would be a list of projects authorized per user ?
Guess it's good enough. Having groups a-la gitolite makes it easier to authorize the same group of people for a project, but user whitelist would still do the trick :)

[mbrochh]

@cespare I think the option to restrict users to certain repos only would be awesome. We have currently 50 repos in our instance and one repo belongs to a customer. We would like to invite him to see the codereviews, but then he would also see all our other 49 repos, which we don't want.

[michalrus]

@cespare @ooyala Would you accept a pull request with this feature?