[cvsnt] CVS Streams and permissions.

Jeffrey S. Nelson jnelson at covansys.com
Thu Sep 26 14:01:50 BST 2002


Can someone help me understand how the stream level permissions should work.  It seems that the permissions that are granted to a person do not completely work the way that I thought they should.  After reading the Security section of the CVS docs for version 1.11.1.3 I thought that any permissions granted at the project level would effectively be allow or dis-allow users from accessing sub folders within the project.  Also it appears that the default:n permission on a stream causes problems when updating or adding files to that stream.

Here is an example of how the permissions are setup.

HEAD (Stream)
    default:n
    domain#user1:crw
    domain#user2:cwr

TEST (Stream)
    {TEST}default:n
    {TEST}domain#user1.crw

The permissions have been granted at the parent project directory only they are not replicated down through out the project sub folders.

All of our users login using pserver with impersonation enabled.

When User1 does a checkout of the TEST stream they can update and add files without any problems.  User1 can also update and add files to the HEAD stream.  

User2 can checkout from TEST stream however they are unable to update or add any files.

To get User2 to work correctly we had to change from default:n to default:cwr in the TEST stream.  After making that change User2 was able to update and add files to the TEST stream.

Here is how it looks now:

HEAD (stream)
    default:n
    domain#user1:crw
    domain#user2:cwr

TEST (Stream)
    {TEST}default:cwr
    {TEST}domain#user1.crw

The problem with this is that all users can now update the TEST stream. 

Thanks for the help in advance....

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.cvsnt.org/pipermail/cvsnt/attachments/20020926/1da2df33/attachment.html 


More information about the cvsnt mailing list