Acl extension to prevent pushing into default branch
Felix Dorner
fdorner at tuenti.com
Tue Feb 8 10:26:26 UTC 2011
Well, I basically gave up on it. I just cannot get it right. The rule
I need is so simple, I thought it must be possible...
Instead I wrote a custom hook for it :(
On Sun, Feb 6, 2011 at 8:36 AM, Snidely <snidely.too at gmail.com> wrote:
>
>
> On Jan 7, 10:05 am, Matt Mackall <m... at selenic.com> wrote:
>> On Fri, 2011-01-07 at 10:32 +0100, Felix Dorner wrote:
>> > Hi,
>>
>> > I need a setup a repository so that only users in a certain unix (LDAP
>> > managed) group are allowed to push changes to the default branch.
>> > Everyone else should have 'read' access to all branches and write
>> > access to all branches except the default. Is this possible with the
>> > ACL extension, and if so, could someone please give an example?
>> > Especially I don't seem to find a solution that specifies distinct
>> > permissions for read (pull) and write(push) operations.
>>
>> That's because the ACL extension deals only with write permissions!
>>
>> "This hook makes it possible to allow or deny write access to given
>> branches and paths of a repository when receiving incoming changesets
>> via pretxnchangegroup and pretxncommit."
>>
>> The ACL extension only prevents unauthorized _pushes_ that touch
>> particular parts of particular repositories. It's basically impossible
>> to deny read access to just part of a repository in Mercurial's model.
>
> So the read behaviour is intrinsically going to behave the way Felix
> wanted, and the ACL extension takes care of blocking unauthorized
> users from committing to the default branch?
>
> /dps
> _______________________________________________
> Mercurial mailing list
> Mercurial at selenic.com
> http://selenic.com/mailman/listinfo/mercurial
>
More information about the Mercurial
mailing list