Where are my access rights!?
If you switched from TFVC to Git, you’ll notice that there is no access control at file level. This is because the Git model is not adapted to have this kind of access rights. Git is still a secured source control system and TFS/VSO have a large set of access rights to configure.
From a developer’s point of view, the most important rights are:
- branch creation (repo level): with this right you can control who can create branches on the server repo. That does not mean that developers cannot create branches locally (branch and repo level): they just cannot push them to the server without this right.
- Rewrite and destroy history: very dangerous, but can be useful to avoid already synced commit rebased and pushed to the server
- Tag creation (repo level): as branch creation, this right is useful to manage the repository structure
If you have several repositories, you can also define the default behavior for all repositories at project level:
By default, contributors can push new branches and tags to the repo. You can change that directly at project level and define a specific group for these operations.
Limited access to the master branch
Another possible scenario is to isolate the master branch: no developers are allowed to push commits on it. A dedicated team is in charge of merging developers branches into the master branch: very useful if you have feature teams. This scenario can be applied to any branch of your repository.
How to switch to Git if you have different access level per directories?
The git approach is different. In this case you should create several repository with specific access rights for each one. Git submodules is maybe your solution. Submodules are not handled by Visual Studio, but you can change that.