Perforce 2007.3 Command Reference | ||
<< Previous Chapter p4 print |
Table of Contents Index Perforce on the Web |
Next Chapter >> p4 protects |
Access Level |
What the User Can Do |
---|---|
list |
The user can access all Perforce metadata, but has no access to file contents. The user can run all the commands that describe Perforce objects, such as p4 files, p4 client, p4 job, p4 describe, p4 branch, etc. |
read |
The user can do everything permitted with list access, and also run any command that involves reading file data, including p4 print, p4 diff, p4 sync, and so on. |
open |
This gives the user permission to do everything she can do with read access, and gives her permission to p4 add, p4 edit, and p4 delete files. However, the user is not allowed to lock files or submit files to the depot. |
write |
The user can do all of the above, and can also write files with p4 submit and lock them with p4 lock. |
review |
This permission is meant for external programs that access Perforce. It gives the external programs permission to do anything that list and read can do, and grants permission to run p4 review and p4 counter. It does not include open or write access. |
admin |
Includes all of the above, including administrative commands that override changes to metadata, but do not affect server operation. These include p4 branch -f, p4 change -f, p4 client -f, p4 job -f, p4 jobspec, p4 label -f, p4 obliterate, p4 typemap, p4 unlock -f, and p4 verify. |
super |
Includes all of the above, plus access to the superuser commands such as p4 admin, p4 counter, p4 triggers, p4 protect, and so on. |
Column |
Description |
---|---|
Access Level |
One of the access levels list, read, open, write, review, or super, as defined above. |
User or Group |
Does this protection apply to a user or a group? The value of this field must be user or group. |
Group Name or User Name |
The name of the user or the name of the group, as defined by p4 group. To grant this permission to all users, use the * wildcard. |
Host |
The IP address. CIDR notation is supported. The * wildcard can also be used to refer to all IP addresses, but only when you are not using CIDR notation. |
Depot File Path |
The depot file path this permission is granted on, in Perforce depot syntax. The file specification can contain Perforce wildcards. To exclude this mapping from the permission set, use a dash (-) as the first character of this value. |
When exclusionary mappings are not used, a user is granted the highest permission level listed in the union of all the mappings that match the user, the user's IP address, and the files the user is trying to access. In this case, the order of the mappings is irrelevant.
When exclusionary mappings are used, order is relevant: the exclusionary mapping overrides any matching protections listed above it in the table. No matter what access level is being denied in the exclusionary protection, all the access levels for the matching users, files, and IP addresses are denied.
If you use exclusionary mappings to deny access to an area of the depot to members of group1, but grant access to the same area of the depot to members of group2, a user who is a member of both group1 and group2 is either granted or denied access based on whichever line appears last in the protections table.
-i |
Read the form from standard input without invoking an editor. |
-o |
Write the form to standard output without invoking an editor. |
See the Global Options section. |
super user bill * //... |
Joe attempts a number of operations. His success or failure at each is described below:
From IP address... |
Joe tries... |
Results |
---|---|---|
10.14.10.1 |
p4 print //depot/misc/... |
Succeeds. The second line grants Joe write access on these files; write access includes read access, and this protection isn't excluded by any subsequent lines. |
10.14.10.1 |
p4 print //depot/proj/README |
Fails. The third line removes all of Joe's permissions on any files in this directory. (If the second protection and the third protection had been switched, then the subsequent protection would have overridden this one, and Joe would have succeeded). |
192.168.100.123 |
p4 print //depot/proj/README |
Succeeds. Joe is sitting at an IP address from which he is granted this permission in the fourth line. |
192.168.100.123 |
p4 verify //depot/misc/... |
Fails. p4 verify requires super access; Joe doesn't have this access level no matter which IP address he's coming from. |
Perforce 2007.3 Command Reference | ||
<< Previous Chapter p4 print |
Table of Contents Index Perforce on the Web |
Next Chapter >> p4 protects |