Deny access to folders on push

Hi all,

I would like to restrict the capacity of specific users to push to certain folders.

Is there a way to use Actions to do it?

If so, could you point me in the right direction, please? I can’t find anything useful in my searches.


Hi diego-mws,

In github actions, when we want to push new changes during workflow execution, we need to use GITHUB_TOKEN or a PAT .

There is the GITHUB_TOKEN permission, it has write permission to contents, so you can use it for push .

The permission of PAT is the same as the permission of the user.

According toAccess permissions on GitHub, there is no folder level permission to restrict specific user to push to certain folders.

So, I’m afraid that your requirement could not be reached.

Hi  Yanjingzhu,

thank you for your reply.

I am aware that there is not such an embedded filter for directories, that why I am trying to create a simple one through Actions.


I suppose you can access the user name and a list of files that are about to be pushed.

If I can run some code into an Action then I should be able to do this.

Let’s give to a specific user a custom access to a path: for “diego”, “root/src” = “no_access”

When I get a push request from the “diego”, I check each file for “root/src”, if I found one I reject the push.

Is it doable with Actions? How?

I am afraid that github actions could not reach your requirement. In a workflow run , you can not interact with the runner. It will be triggered and completed automatically.

Based on your scenario, use pull request is more suitable.

Although there is no way to deny a user’s permission to access to a folder, you can restrict him/her to push to master branch. When he/she wants to push to master, he/she needs to create a pull request and add you as the reviewer. You can see code changes in pull request > Files changes tab then decide whether it is qualified. After get your approval, the pull request can be merged .

Please see more info about pull request in this document: