> ## Documentation Index
> Fetch the complete documentation index at: https://bloodhound.specterops.io/llms.txt
> Use this file to discover all available pages before exploring further.

# GH_RestrictionsCanPush

> User or team is allowed to push to branches protected by this rule

<img noZoom src="https://mintcdn.com/specterops/tTIczgde9H07oLXf/assets/enterprise-AND-community-edition-pill-tag.svg?fit=max&auto=format&n=tTIczgde9H07oLXf&q=85&s=ad49a576589f4d2a8081df77d07fdf56" alt="Applies to BloodHound Enterprise and CE" width="482" height="45" data-path="assets/enterprise-AND-community-edition-pill-tag.svg" />

## Edge Schema

* Source: [GH\_User](/opengraph/extensions/github/nodes/gh_user), [GH\_Team](/opengraph/extensions/github/nodes/gh_team)
* Destination: [GH\_BranchProtectionRule](/opengraph/extensions/github/nodes/gh_branchprotectionrule)
* Traversable: ❌

## General Information

The non-traversable GH\_RestrictionsCanPush edge represents a per-actor allowance that grants push access through push restrictions on a branch protection rule. This edge identifies specific users or teams that are permitted to push to the protected branch even when push restrictions are active. This is security-relevant because push restrictions limit who can directly push to a branch, and actors with this allowance bypass that control. Unlike [GH\_BypassPullRequestAllowances](/opengraph/extensions/github/edges/gh_bypasspullrequestallowances), this allowance is NOT suppressed by `enforce_admins` — listed actors retain push access regardless of admin enforcement settings.

```mermaid theme={null}
graph LR
    user1("GH_User deploy-bot")
    team1("GH_Team platform-eng")
    bpr1("GH_BranchProtectionRule release/*")
    user1 -- GH_RestrictionsCanPush --> bpr1
    team1 -- GH_RestrictionsCanPush --> bpr1
```