Transitioning from Clearcase to Mercurial (A developer's account)

Tim Vernum tim at adjective.org
Fri Oct 7 16:52:29 UTC 2011


On 8/10/11 3:11 AM, Michael Diamond wrote:
>
>     On 2011-10-07, at 17:05 , Ben Fritz wrote:
>     > Finally,
>     > and this was the killer argument, was the lack of fine-grained user
>     > access control.
>
>
> If you ever find yourself saying "I wish John Doe could see and/or edit
> this piece of code, but not this other piece" that's probably a sign your
> repos can be split up further.  If not, for instance if John Doe needs
> access to everything, but can't be trusted to commit, then you simply
> don't give him commit access and instead someone trusted manually
> pulls/imports his changes and reviews them before committing.  That's the
> open source model used by Mercurial and almost all other major projects,
> and works quite nicely.
>
This is really only an issue (both technically and philosophically) for
reading.
In any VCS that operates on changesets, it is not really feasible to
have fine-grained read permissions within the boundaries of a single
project.
Either you need to have a rule that says that a changeset cannot operate
on files that have different ACLs (and if you can make that rule, then
there's not really any reason why you cannot split the repo along those
same lines), or you have some way of splitting up a changeset so that
the reader only gets the files that they're interested in (and if you do
that, then your VCS is not really changeset-based anymore).

But writing is a different matter. It is certainly possible to reject
changesets that touch files the author (or more specifically committer)
should not have write access to. In fact the ACL extension (hook) does
exactly that.

I believe that it is true philosophically also. A project should (as a
general rule) be a logical unit, so it does not make sense to say "I
want to download (clone) half a project", but it does make sense to say
"only the senior developers are allowed to commit changes that modify
the security code".

Fine-grained (write) access control is possible in Mercurial, even if it
doesn't fit Ben's company's needs (although I suspect it would).
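
The write-side check described in the message above, as an added sketch that is not part of the original post and is not the ACL extension's own code. The policy table, user names, paths and changeset records are constructed for illustration; it shows that the decision is made per changeset, so a changeset touching one denied file is rejected whole.

```python
from fnmatch import fnmatchcase

# Constructed policy (hypothetical paths and users). The first pattern that
# matches a path decides; None means any committer may write there.
# fnmatchcase's "*" also matches "/", so "src/security/*" covers subdirectories.
WRITE_ACL = [
    ("src/security/*", {"alice", "bob"}),  # senior developers only
    ("*", None),                           # everything else: anyone
]


def denied_files(committer, files, acl=WRITE_ACL):
    """Return the files in one changeset that `committer` may not modify."""
    denied = []
    for path in files:
        for pattern, allowed in acl:
            if fnmatchcase(path, pattern):
                if allowed is not None and committer not in allowed:
                    denied.append(path)
                break
        else:
            denied.append(path)  # no rule matched: default deny
    return denied


def check_incoming(changesets, acl=WRITE_ACL):
    """Decide on a group of incoming changesets.

    Returns (accepted, reasons). A changeset is atomic, so one denied file
    rejects that changeset entirely, and one rejected changeset rejects the
    whole incoming group.
    """
    reasons = []
    for cs in changesets:
        bad = denied_files(cs["user"], cs["files"], acl)
        if bad:
            reasons.append((cs["node"], cs["user"], bad))
    return (not reasons, reasons)


# Constructed sample push: c2 mixes an allowed file with a protected one.
SAMPLE_PUSH = [
    {"node": "c1", "user": "carol", "files": ["docs/README", "src/ui/menu.py"]},
    {"node": "c2", "user": "carol", "files": ["src/ui/menu.py", "src/security/auth.py"]},
]

if __name__ == "__main__":
    print(check_incoming(SAMPLE_PUSH))
```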
