GIT support for branch based user authorization - Best Practices or Tools?

Question

For a product based GIT repository, wherein there are branches for maintenance, testing as well as future development, how do I control user access to these branches. By acc

Answer 1

The other classic way to restrict push access to a repo (or a branch or even a directory) is by using gitolite (which actually is a big evolution of gitosis).

You can define there (in the gitolite config file) any group of users or group of repos you need and associate RW access rights.

---

Note: August 2013:

• Stash provides read-only branches,
• and BitBucket should do the same soon

We've released branch restrictions which can be configured via the repository admin "Branch management" screen.

Assembla provides such a protection as well (since March 2013).

GitHub doesn't have yet this feature:
GitHub has that feature since Sept. 2015: see "How to protect “master” in github?".

Answer 2

Put a server side commit hook that denies commits to whatever branches you need read-only or based on who the committer is.

For merging request work flow, we use a local install of Gitorious and submit merge requests through its web interface and restrict the main-line repository to your integration team, everyone else would work from server side clones and then push merge requests back to the main-line repository.

With Gitorious you don't need the server side hooks, you just need to restrict access to the main-line repository to only the people you want to be committer. Much simpler and easier to maintain.