2

We are using TFS as project management interface and we are using Git for managing the repository.

We want users be limited to push a file and push to branch in the repository.

For example: In branch A, user1 can not make changes to file1, user2 can not make changes to file2, user3 can change every file in the branch etc.

Is it possible in TFS?

Görkem Özer
  • 504
  • 5
  • 13
  • we cannot exactly set the restriction as you mentioned, we can only set the permission accordingly based on the exist settings, please see the similar thread https://stackoverflow.com/questions/27989974/how-can-i-allow-only-certain-people-to-commit-in-visual-studio-online – Andy Li-MSFT Jun 16 '17 at 09:46

2 Answers2

0

Is it possible in TFS?

Not that I know.

What you can do is setup an intermediate repository which will act as a gatekeeper: if the push succeed, that repo (through a post-receive hook) will push to the actual target: the TFS Git repo.

That intermediate repo should be managed by an authorization layer like gitolite: gitolite can limit pushes to a branch or even a file: see "restricting pushes by dir/file name"

VonC
  • 1,262,500
  • 529
  • 4,410
  • 5,250
0

The only way I can see you possibly doing this is through a TFS server-side plugin. You can implement an ISubscriber that subscribes to the Git PushNotification event. This will allow you to inspect the pushed commits and block the push if your policies aren't satisfied. You will have to define your branch/user restrictions in some structured format outside of TFS however.

I have used this project successfully, which provides a nice framework for implementing policies on pushes to a TFS-hosted Git repo:

https://github.com/giuliov/GitPushFilterPlugin

The only caveat (from my own experience) is that the amount of data available in the PushNotification event may not be sufficient to determine which branches the IncludedCommits pertain to.

Pero P.
  • 25,813
  • 9
  • 61
  • 85