What source control systems have file level permissions?
Asked Answered
B

7

5

I might propose migrating away from VSS due to its inability to grant and deny permissions at the file level. The question is what source control systems allow this.

Update I am marking the SVN answer as the "correct" one, since it had the most feedback. However, there is no correct answer. I will make my recommendations to management based on all your feedback.

Bushey answered 13/6, 2009 at 23:37 Comment(0)
D
6

subversion does too, but the ACL is managed in a configuration file

Darter answered 13/6, 2009 at 23:44 Comment(6)
The question is will someone sell me a GUI tool that will edit the apache config files and provide support. I'm ok with editing text files and running an open source product I don't pay for. Management is not.Bushey
No, but they'll give you one for free (I'd donate if you're pleased with it). The VisualSVN msc snap-in allows you to set permissions with an interface you'll be familiar with - down to the file level.Provitamin
and you get Active Directory logins using it too, there's really very little reason not to upgrade to SVN.Provitamin
If you don't want to run Apache, because the machine is already running IIS, then you can also use the svnserve.exe server. Google PainlessSVN, which deals with how svnserve works.Usual
There's a free GUI tool for managing Windows SVN servers: VisualSVN Server (visualsvn.com/server). The GUI supports access control down to the directory level - it's not clear from the description if it also supports file-level control (which is supported by svn in the config files). I used VisualSVN Server briefly a while back, so I'm by no means an expert, but it seemed a pretty nice package.Blim
off-topic: thanks all for pushing me to a 1000 reputation points :)Darter
H
4

I'm not really answering your question, but I think it's not a very useful feature to have permissions on VCS. People should know where they're allowed to commit, people should be reviewing commits, and if someone's committing where they're not supposed to:

  • You catch it in the review
  • You roll back the change (which is what a VCS is designed for)
  • You figure out why: was it a mistake, or on purpose?

If you're worried that people will make unauthorized changes, then you have a social problem that the permissions won't fix. If you're worried that people will accidentally make changes to the wrong code, then you have a different social problem (lack of review) that the permissions also won't fix.

Hereabout answered 14/6, 2009 at 0:1 Comment(2)
This may be fine for smaller organizations, but in a larger organization enforcing access control is often a requirement. There are also times when it might be a contractual requirement (and I wouldn't be surprised if at times there are even legal requirements).Blim
I agree sometimes problems like these require social convention and process (code reviews) as opposed to security. However, when dealing with things like outside contractors, and process control, such security has merit.Bushey
B
3

Perforce does.

Blim answered 13/6, 2009 at 23:43 Comment(4)
I'll have to test drive the perforce IDE integration. I used the command line version a bit for read-only access to the Open Watcom repository, but I will never be able to sell my company on something without Visual Studio support.Bushey
Perforce supports an SCC plug-in for VS integration. However, I've found VS's SCC support to not be great for any source control system (not Perforce's fault - I think SCC is probably a poor interface). Maybe your team will have a better opinion of it.Blim
I agree that VS SCC integration sucks in general, my colleagues do not.Bushey
NiftyPerforce is a good alternative to VS SCC. It provides a lot of the same options (auto checkout, view revision history/timelapse, ...), but doesn't hang VS so much.Margenemargent
I
1

Whatever its other flaws, IBM Rational Clearcase does support file-level permission controls. It also has other mechanisms that you can use - notably triggers which can be written to cause an otherwise permitted checkin to fail.

Intoxication answered 14/6, 2009 at 2:11 Comment(1)
SVN supports triggers. They call them hooks. Some will fail commits that don't meet certain conditions (e.g. one forces the files to all have mime types set) and others trigger external actions like continuous integration builds and email notifications. The fact that this is an IBM product might make this more palatable to my employer though.Bushey
A
1

Mercurial does, with the bundled Acl extension

Abbotson answered 30/6, 2009 at 7:25 Comment(0)
D
0

If you are using VSS now, Team Foundation Version Control (TFVS) is the logical upgrade, especially if your corporate mandate is Microsoft-only tools.

http://msdn.microsoft.com/en-us/library/ms364074.aspx

Dragonet answered 14/6, 2009 at 1:20 Comment(3)
Does it satisfy my requirements? Specifically, file level permissions?Bushey
A complete rundown of the various permission levels and their meaning is provided here: msdn.microsoft.com/en-us/library/ms252587.aspxDragonet
Thanks, Richard. It was not at all clear to me from the specifications, although with the level of detail provided I assumed that it was possible.Dragonet
S
0

Take a look at Plastic SCM and it's ACL model.

Spirited answered 30/6, 2009 at 16:50 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.