Permission Modes
This page is currently under development and will be filled with comprehensive content soon.
Overview
Diversion uses a simple but powerful permission system with three access levels: READ, WRITE, and ADMIN. This guide explains each permission mode and how to manage access.Coming Soon
This guide will include:- Detailed explanation of each permission mode
- What users can do at each level
- How to grant and change permissions
- Repository-level vs organization-level permissions
- Best practices for permission management
- Security considerations
Repository Permission Modes
READ
What users can do:- View repository contents
- Clone the repository
- View commit history
- View branches and tags
- Commit changes
- Create branches
- Modify repository settings
WRITE
What users can do:- Everything in READ, plus:
- Commit changes
- Create and merge branches
- Participate in code reviews
- Change repository settings
- Manage collaborators
- Delete the repository
ADMIN
What users can do:- Everything in WRITE, plus:
- Add/remove collaborators
- Change collaborator permissions
OWNER
- Everything in ADMIN, plus:
- Delete the repository
Managing Permissions
Organization Level:- OWNER: What the admin can, plus handle billing
- ADMIN: Manage members(except for the owner), and read access to all repositories
- MEMBER: Access assigned repositories
Best Practices
Principle of Least Privilege:- Grant minimum necessary permissions
- Regularly review access levels
- Remove access when no longer needed
- Core team members: WRITE access
- Project leads: ADMIN access
- External contributors: READ access (initially)
Related Resources
Last updated: 2025-10-25