Regarding "Read only" permissions in Bitbucket

Thank you for your reply Alexey. Following are the options I am getting when I select Branch permissions.

In this, how to control for members to have permissions for creating branch, commit the changes, create pull request but not merge the request ? For merge, we would like to control the permissions to very few.

Your permissions look ok. Actually if a user has only read-only permissions, this user can not make changes to the code. I just thought maybe there is a bug or something. But it looks ok in your settings.

By the way, what do you mean by merge request? As far as I know there are only pull requests.

I mean "merge" the change to branch.

You mean the push command?

By the way, could it be that this users are in some group, which have the wirte permission in your bitbucket?

Hi Alexey, I mean the option in above pic which would come when we create a pull request for a change.

Now I got some clarity with further experiments. I was thinking to control merge permission to developer branch also which is not required generally. I can control pull request from a developer branch to release branch which is my main requirement.

I gave write permissions to users. Users can create, review, merge to developer branches. But I can control merging those changes to release branch with branch permissions.

Please let me know if this is fine or any other improvements can be done.

Yes, usually it is done like this. Users have write permissions for your repository. In this case they can create branches and change them. But you have a couple of branches (master, develop), to which most users do not have the write permission. These users create only pull requests to these branches and then users, who have the write permission on these branches (repository settings -> branch permissions) can already merge these pull request. I guess, right now your setups are like this.