Perforce 2000.2 System Administrator's Guide (2000.2.sa.1) | ||
<< Previous Chapter Administering Perforce: Superuser Tasks |
Table of Contents Index Perforce on the Web |
Next Chapter >> Customizing Perforce: Job Specifications |
The Perforce protections are stored in the db.protect file in the server root directory; if p4 protect is first run by an unauthorized user (or if you accidentally lock yourself out!) the depot can be brought back to its unprotected state by removing this file.
(The five fields may not line up vertically on your screen; they are aligned here for ease of reading).
The meanings of these fields are:
Each Perforce command is associated with a particular minimum access level; for example, to run p4 sync on a particular file, the user must have been granted at least read access on that file. The access level required to run a particular command can usually be reasoned from knowledge of what the command does; for example, it is somewhat obvious that p4 print would require read access. For a full list of the minimum access levels required to run each Perforce command, see "How Protections are Implemented" on page 43.
Read access to particular files should be granted to users who don't ever need to edit those files. For example, an engineer might have write permission for source files, but have only read access to the documentation; managers might be granted only read access to all files.
Because open access allows local editing of files, but doesn't allow these files to be written to the depot, open access is usually granted only in unusual circumstances. Choose open access over write access when users will be testing their changes locally, but when these changes should not be seen by other users. For instance, bug testers may want to change code in order to test theories as to why particular bugs occur, but these changes would be for their own use, and would not be written to the depot. Perhaps a codeline has been frozen, and local changes are to be submitted to the depot only after careful review by the development team. In these cases, open access would be granted until the code changes have been approved; after which time the protection level would be upgraded to write and the changes submitted.
This indicates that write access is granted to all users, on all hosts, to all files. Additionally, the user who first invoked p4 protect (in this case, edk) is granted superuser privileges.
Lisa, whose Perforce username is lisag, is using a client with the IP address 195.42.39.17. The protections
file reads as follows:
read user * 195.42.39.17 //... |
The union of the first three permissions apply to Lisa. Her username is lisag, and she's currently using a client
workspace on the host specified in lines 1 and 2. Thus, she can write files located in the depot's doc subdirectory,
but can only read other files. Lisa tries the following:
She types p4 edit //lisag/doc/elm-help.1, and is successful.
She types p4 edit //lisag/READ.ME, and is told that she doesn't have the proper permission. She is trying
to write a file that she only has read access to. She types p4 sync //lisag/READ.ME, and this command
succeeds; only read access is needed, and this is granted to her on line 1.
Lisa later switches to another machine with IP address 195.42.39.13. She types p4 edit
//lisag/doc/elm-help.1, and the command fails; when she's using this host, only the third permission
applies to her, and she only has read privileges.
To use exclusionary mappings properly, it is necessary to understand some peculiarities associated with them:
Ed has used p4 protect to set up protections as follows:
The first permission seemingly grants write access to all users to all files in all depots, but this is overruled by
later exclusionary protections for certain users.
The third permission denies Joe permission to access any file from any host. No subsequent lines grant Joe any
further permissions; thus, Joe has been effectively locked out of Perforce.
The fourth permission denies Lisa all access to all files on all hosts, but the fifth permission gives her back
write access on all files within a specific directory. If the fourth and fifth lines were switched, Lisa would be
unable to run any Perforce command.
Groups are maintained with p4 group and their protections assigned with p4 protect. Only Perforce superusers may use these commands.
The command p4 group groupname displays a form with two fields: Group: and Users:. The Group: field stores the group name, and cannot be edited; Users: is empty when the group is first created, and must be filled in. User names are entered under the Users: field header; each user name must be typed on its own line, and should be indented. A single user may be listed in any number of groups.
As of Release 99.2, groups can contain other groups, not just users. To add all users in a previously-defined group to the group you're presently working with, include the group name in the Subgroups: field of the p4 group form. User and group names occupy separate namespaces; thus, groups and users can have the same names.
This protections table grants list access to all members of the group devgrp, and super access to user edk:
If a user belongs to multiple groups, one permission may override another, but the actual permissions granted to a specific user can be determined by replacing the names of all groups that a particular user belongs to with the user's name within the protections table, and applying the rules described earlier in this chapter.
p4 group -d groupname
Alternately, invoke p4 group groupname and delete all the users from the group in the resulting editor form. The group will be deleted when the form is closed.
Users' access to files is determined by the following steps:
Suppose that our protections table is set as follows:
If Ed runs p4 print //depot/foo, Perforce examines the protections table bottom to top, and first
encounters the last line. The files specified there don't match the file that Ed wants to print, so this line is irrelevant.
The second-to-last line is examined next; this line matches Ed's user name, his IP address, and the file he
wants to print; since this line is an exclusionary mapping, Ed isn't allowed to even list the file.
Perforce 2000.2 System Administrator's Guide (2000.2.sa.1) | ||
<< Previous Chapter Administering Perforce: Superuser Tasks |
Table of Contents Index Perforce on the Web |
Next Chapter >> Customizing Perforce: Job Specifications |