Permissions & access
Manage who can access PullApprove and what impact is has on development workflows.
PullApprove integrates tightly with your git host (GitHub, GitLab, or Bitbucket) which means that varying levels of control are available in each service.
Ultimately, administrators in GitHub, GitLab, and Bitbucket have the ability to install or uninstall the integration and decide how it is applied to their repositories. Regardless of what happens in PullApprove, you will always have controls on the side of your git host to disconnect PullApprove or the impact it has on pull requests.
We'll use GitHub as an example for the rest of this page, but the same concepts apply to GitLab and Bitbucket.
Repos and pull requests
In the PullApprove UI, a user will only see repos and pull requests that they have access to in GitHub. Removing a user's access in GitHub will remove those pull requests from their view in PullApprove.
Managing user access to your organization's repositoriesYou can also choose whether PullApprove has access to all repos, or select repos. This setting can be changed at any time from inside GitHub.
Required statuses
PullApprove is enforced in GitHub via a required status check. This is what can actually block a pull request from being merged. This requirement is managed entirely in GitHub, and PullApprove does not change these settings. You are responsible for deciding whether or not PullApprove is a requirement.
At any time, a GitHub or repo admin can disable the required status check for PullApprove.
GitHub protected branches documentationGitHub rulesets documentation (a newer feature)
GitHub App install/uninstall
PullApprove can be completely uninstalled from a GitHub organization via the "GitHub Apps" page in your organization settings.
Note, if you uninstall the PullApprove app, your data and configuration settings in PullApprove will be deleted immediately.
If you plan to uninstall the app, you should make sure it is no longer a required status check and cancel any billing first.
Reviewing and modifying installed GitHub AppsPullApprove configuration and tools
Within PullApprove there are several features that can be used depending on PullApprove roles and permissions.
Permission | Org Member | Org Admin | Team Admin | Org Bypasser | PR author |
---|---|---|---|---|---|
View workflow | ✓ | ✓ | ✓ | ✓ | ✓ |
View team | ✓ | ✓ | ✓ | ✓ | ✓ |
View restriction | ✓ | ✓ | ✓ | ✓ | ✓ |
Edit workflow | ✓ | ||||
Edit team | ✓ | ✓ | |||
Edit restriction | ✓ | ||||
Nudge PR | ✓ | ✓ | ✓ | ✓ | ✓ |
Place PR on hold | ✓ | ✓ | |||
Change turns on PR | ✓ | ✓ | ✓ | ✓ | ✓ |
Approve bypassed PR | ✓ | ||||
Unapproved bypassed PR | ✓ | ||||
Edit organization seats | ✓ | ||||
Edit organization bypassers | ✓ | ||||
Manage billing | ✓ | ||||
Change fallback PR status | ✓ | ||||
Enable PR statuses | ✓ | ||||
Edit organization admins (contact us) |
PullApprove active/inactive seats
Active seats are used to determine which accounts to bill for.
Active seats are required for users to:
- Author PRs which are processed by PullApprove (inactive authors will receive an error status check)
- Be an admin of the organization in PullApprove
- Be a bypasser in PullApprove
- Be a reviewer or admin in a PullApprove review team
- View the PullApprove UI
Disabling a user's seat will remove their access to the PullApprove UI, but not change their GitHub access.