Create
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Products
See all
Community resources
Top groups
Explore all groups
Community resources
Learn
Community resources
Events
Community resources

How to hide private Projects in Bitbucket?

Ethan Stern
Ethan Stern August 27, 2019

*Update at bottom*

First off, it appears the permissions for our Bitbucket account are totally independent from Jira (and other Atlassian) permissions. If this is not true, someone please set me straight.

In Bitbucket, our company account has user groups defined by customer and we pay monthly for some of these customer users to have access to their private repositories. (Pretty basic, I think.) All of the customers' private repositories are also under customer-specific private Projects. Correctly, customers can only see and modify their repos because their company group is granted explicit access to each repository. However...

What I just learned today (and I think it's giving me hives) is that customers can see each other's private Projects when they browse at the Project level. They can't by default see the private repositories underneath the private Projects, but they have a profoundly unprofessional (on our end) awareness of our overall client base because of the Project list. Not cool.

How do I limit which Projects our customers can see? It seems that since Bitbucket considers them "members" of our organization (because we pay their monthly fee) they automatically see everything, including all private Projects. The sharing and permissions for Projects seem limited to "Private" or "Public" without any ability to revoke browsing permissions.

It seems crazy there wouldn't be a solution to this--but after a bunch of searching and trying, I'm totally perplexed. Thanks in advance!

UPDATE: Customers who are granted access by repository do not see the private Projects that I want hidden (good news!). Customers who are granted access to their repositories by Bitbucket user group do see all of the private projects. An inconvenient fix is to delete the customer user groups and manage all of the customers' access on a repo-by-repo basis. This cleans up the most egregious problem, but I would prefer the groups feature to allow better control of permissions. Am I expecting too much?

Answer
Watch
Like Be the first to like this
2100 views

1 answer

0 votes
Ana Retamal
Ana Retamal
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
September 9, 2019

Hi Ethan,

Could you give us an example of a user that can see the repositories and a user that can not see the repositories so we can try to reproduce this issue?

If you'd prefer to share them privately, let us know and we'll create a Support ticket for you.

Best regards,

Ana 

View More Comments
Nomad Developer
Nomad Developer July 22, 2020

This hasnt been resolved yet? I would like to hide the projects list too.

Ill give you an example. 

Company has a bitbucket workplace called A.

In workplace A, there are projects P1-P19, with 10 repositories in each.

Then new project starts and its P20. Also new user group created for this project, call them P20Members (Actually doesnt matter).

Company invites some freelancers/outsourcing members to P20Members, gives them access to create/write repositories. And its supposed to that they will work and see project P20 only. But there is no way to assign any user groups or members to a project, only to a repository. So they can see the all 20 project list, create new repository in any of them, but cant see previous repositories inside each of them (because P20Members were not given access to these 190 repositories)

Is there any way to hide projects, and give access based on project only?

Basically that's kinda huge privacy breach cause everyone with any even lowest access level, can see literally every project we had/working on. 

Like
Reply

Suggest an answer

Log in or Sign up to answer
Bitbucket
Bitbucket
TAGS
AUG Leaders

Atlassian Community Events

    See all events