In a big project versioned with TortoiseHG and Bitbucket used to store the shared repository, for code IPR safety reason, I need to restrict the access of developers both on reading and modifying to specific subfolders. In other words, I need that developers can clone, read, modify just the files on which they are working and all the dependencies of these that hopefully are all in the same subfolder. When they push their modifications, I would like to have all of them in the main repository after a next pull action. The main repository can be accessed just by the project owner(s), not by the developers.
Is the concept of sub-repository useful to get this requirement? If this is the case, how could I set it by TortoiseHG and Bitbucket?
Yes, you could do this with subrepos. To set it up, you'd have to create the main repo and sub repos as sibling repos in Bitbucket:
https://bitbucket.org/{Username}/{SubRepo1}
https://bitbucket.org/{Username}/{SubRepo2}
https://bitbucket.org/{Username}/{MainRepo}
Then your .hgsub inside MainRepo needs to contain the following:
SubRepo1 = ../SubRepo1
SubRepo2 = ../SubRepo2
Keep in mind though, that the project owner has to maintain the main repo. It won't automatically update to the latest revision of the subrepos.
For setting it up with Mercurial/TortiouseHg, see [the official documentation]: https://www.mercurial-scm.org/wiki/Subrepository