It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Can a person with Read only access to private repository copy and download the repository?

I want to give someone access to my private repository to just review the code and see it but not copy/download the code.

What access level should I grant?

Can read only access prevent downloading/copying repository?

2 answers

1 accepted

4 votes
Answer accepted

Dear Vesh,

The following permission levels and its consequences exist within Bitbucket repositories;

Screenshot from 2017-08-07 09-03-07.png

So, regarding to your question.. yes, people can clone/fork/pull the repository to their local system.

Here a link to the documentation.

Friendly Regards,

Jeremy Mooiman

And does cloning/forking means actual download of the repository to the user's computer/laptop or taking the code away from bitbucket?

What type of access do I grant for person to jest review the code but not download it to their system?

Dear Vesh,

Yes, a user will be able to ''clone'' the repository and thus download a repository to his/her local machine and read the files.

Cloning a repository fork or branch

When you want to work on a project by updating its files or adding new files, you need to make a local clone of the remote Bitbucket repository onto your machine or local network. You do this using the Clone button from the Bitbucket repository. If you forked a repository, you simply clone the fork. If you branched a repository, you clone the repository and checkout the branch.

Friendly Regards,

Jeremy Mooiman

To follow up on your question that I missed during writing my answer; The three permissions;

  • Admin, Write and Read

Will all allow for code to be cloned and thus downloaded to an individual his/her system.

Your request for a user to only review code is practically the same, because some one could still copy code.

Friendly Regards,

Jeremy Mooiman

Jeremy hits the nail on the head: If a user can read code (even without cloning the repo), there is nothing preventing them from using copy & paste to get hold of the entirety of the code after all.



Premier Support Engineer


I understand both sides of this argument. 

Sure, a user would technically be able to copy the code if they could read it - but in reality, that would be extremely laborious process, given that most projects occupy numerous files in complex directory structures.

It agree that it would be nice to be able to give a user (a prospective employer, for example) access to your code in order to assess your skill level, without making it easy for them to clone all of your existing projects.

Like 2 people like this

As an owner I would agree that having an option for just a review would be great as there are certain times where you need to share some code but want to be certain a clone is not performed.  Having a way to do this would certainly be something I would pay for. 

Like 2 people like this

That privilege is for those who have a premium account, I found this...

Requiring two-step verification

You can require that the users with access to private content are only able to see the content if they've enabled two-step verification. If they haven't enabled two-step verification, users with access will see a message that prompts them to enable it. In addition to being unable to see this content, users won't be able to clone, push, or pull a private repository either.

Suggest an answer

Log in or Sign up to answer
This widget could not be displayed.
This widget could not be displayed.
Community showcase
Published Mar 14, 2019 in Bitbucket Pipelines

Building a Bitbucket Pipe as a casual coder :  #!/bin/bash source "$(dirname "$0")/" enable_debug extra_args="" if [[ "${DEBUG}" == "true" ]]; then extra_args="--verbose" fi # mandatory variables R...

973 views 1 16
Read article

Atlassian User Groups

Connect with like-minded Atlassian users at free events near you!

Find a group

Connect with like-minded Atlassian users at free events near you!

Find my local user group

Unfortunately there are no AUG chapters near you at the moment.

Start an AUG

You're one step closer to meeting fellow Atlassian users at your local meet up. Learn more about AUGs

Groups near you