Events
17 Mar, 11 pm - 21 Mar, 11 pm
Join the meetup series to build scalable AI solutions based on real-world use cases with fellow developers and experts.
Register nowThis browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Azure DevOps Services | Azure DevOps Server 2022 - Azure DevOps Server 2019
Visual Studio 2019 | Visual Studio 2022
The tf git permission
command modifies the user access control list (ACL) and displays authorization settings for a Git repository or branch within a Git repository.
Category | Requirements |
---|---|
Permissions | - To view project collection permissions: View collection-level information permissions set to Allow. - To view project permissions: View project-level information set to Allow. - To view repository and branch permissions: Read permissions set to Allow. - To manage permissions: Manage permissions for the desired artifact set to Allow. |
For more information, see Default Git permissions.
tf git permission [/allow:(* |perm1[,perm2,...]]
[/deny:(* |perm1[,perm2,...])]
[/remove:(* |perm1[,perm2,...])]
[/user:username1[,username2,...]]
[/group:groupname1[,groupname2,...]]
/collection:TeamProjectCollectionUrl
[/teamproject:TeamProjectIdentifier]
[/repository:RepositoryIdentifier]
[/branch:BranchName]
[/login:username,[password]]
Parameter | Description |
---|---|
/allow:(* |<perm1>[,<perm2>,...]) |
The permissions to allow. |
/deny:(* |<perm1>[,<perm2>,...]) |
The permissions to deny. |
/remove:(* |<perm1>[,<perm2>,...]) |
The permissions to remove, sometimes referred to as not set. You can use all three of /allow , /deny , and /remove in the same invocation. For more information on how the allow, deny, and remove settings interact, see Permission settings. |
/user:<username1>[,<username2>,...] |
The user or users for which to allow, deny, or remove permissions. You must specify at least one user or group. |
/group:<groupname1>[,<groupname2>,...] |
The groups or groups for which to allow, deny, or remove permissions. You must specify at least one user or group. Groups and individuals can be used together. |
/collection:<TeamProjectCollectionUrl> |
Specifies the URL of the project collection that contains the permissions to view or modify. For example: http://myserver:8080/tfs/DefaultCollection or https://fabrikam-fiber.visualstudio.com . This parameter is required. |
/teamproject:<TeamProjectIdentifier> |
Specifies the name of the project that contains the permissions to view or modify. |
/repository:<RepositoryIdentifier> |
Specifies the name of the repo that contains the permissions to view or modify. |
/branch:<BranchName> |
Specifies the name of the branch that contains the permissions to view or modify. If you specify /branch , you must also specify /repository . |
/login:<username>[,<password>] |
Specifies the user account to run the command. See Use Team Foundation version control commands. |
See Git repository permission namespaces for a list of the permissions that can be administered by the tf git permission
command.
Note
The following examples are broken into multiple lines for readability. To copy and paste them into the command line and run them, first copy them and paste them into Notepad or another tool and edit them so the commands are contained on a single line.
The following example lists the permissions for the fabrikam-fiber
collection.
tf git permission /collection:https://dev.azure.com/fabrikam-fiber
/login:FabrikamUser@hotmail.com,FabrikamPassword
The following example lists the project level permissions for the FabrikamFiber
project, which is in the fabrikam-fiber
collection.
tf git permission /collection:https://dev.azure.com/fabrikam-fiber
/teamproject:FabrikamFiber
/login:FabrikamUser@hotmail.com,FabrikamPassword
The following example lists the project level permissions for the FabrikamFiber
repository, which is in the FabrikamFiber
project.
tf git permission /collection:https://dev.azure.com/fabrikam-fiber
/teamproject:FabrikamFiber
/repository:FabrikamFiber
/login:FabrikamUser@hotmail.com,FabrikamPassword
The following examples show how to create a branch policy that enforces the following constraints:
main
can exist at the repository root.features/
and users/
folders.releases/
folder.In this example you use the following collection, project, and repository:
/collection: https://fabrikam-fiber.visualstudio.com
/teamproject: FabrikamProject
/repository FabrikamRepo
First, block the CreateBranch
permission at the repository root for the project's contributors.
tf git permission /deny:CreateBranch
/group:[FabrikamProject]\Contributors
/collection:https://dev.azure.com/fabrikam-fiber/
/teamproject:FabrikamProject
/repository:FabrikamRepo
Then, allow contributors to create branches under features
and users
.
tf git permission /allow:CreateBranch
/group:[FabrikamProject]\Contributors
/collection:https://dev.azure.com/fabrikam-fiber/
/teamproject:FabrikamProject
/repository:FabrikamRepo
/branch:features
tf git permission /allow:CreateBranch
/group:[FabrikamProject]\Contributors
/collection:https://dev.azure.com/fabrikam-fiber/
/teamproject:FabrikamProject
/repository:FabrikamRepo
/branch:users
Allow administrators to create branches under releases
.
tf git permission /allow:CreateBranch
/group:"[FabrikamProject]\Project Administrators"
/collection:https://dev.azure.com/fabrikam-fiber/
/teamproject:FabrikamProject
/repository:FabrikamRepo
/branch:releases
Finally, allow administrators to create a branch called main
, in case it ever gets deleted accidentally.
tf git permission /allow:CreateBranch
/group:"[FabrikamProject]\Project Administrators"
/collection:https://dev.azure.com/fabrikam-fiber/
/teamproject:FabrikamProject
/repository:FabrikamRepo
/branch:main
Events
17 Mar, 11 pm - 21 Mar, 11 pm
Join the meetup series to build scalable AI solutions based on real-world use cases with fellow developers and experts.
Register now