How can I allow only certain people to commit in Visual Studio Online?

Question

I have a Visual Studio Online account and multiple projects.

On each project I would like to choose who can commit into different branches. For example, I would like the lead developer to be the only person who can commit to 'master' which will then kick off a CI build.

I want to ensure that, when I'm using freelancers, that they can't merge into the 'master' or 'staging' without code review and testing.

Answer 1

Visual Studio Online has a set of granular permissions that you are able to set at the Git repo & branch level.

• Administer - repo & branch
• Branch Creation
• Contribute - repo & branch
• Note Management
• Read
• Force Push (rewrite and destroy history) - repo & branch
• Tag Creation

You can create custom security groups within your team projects and then assign them permissions. There are built-in security groups that you want (like Contributors) to ensure don't provide additional permissions to users than what you want for them so make sure that you look at it more broadly. For example, you can begin to remove permissions from the Contributors security group and begin adding permissions to other custom security groups. The main thing is that you can setup permissions to meet your goals.

Here's some more information about the permissions available for Git repositories in http://msdn.microsoft.com/en-us/library/ms252587.aspx#Git. Look up towards the top for an overview of security in TFS in general.