The ACL subtab of the Security tab displays the repository's set of access control list (ACL) entries, also called permissions. Each stream and depot in the repository can have any number of permissions. Note: For this command, "stream" can be a dynamic stream, a workspace stream, or a snapshot.
Choose Admin > Security from the GUI main menu to display the Security tab. Then, click the ACL subtab.
Note: Because permissions are inherited down a depot's stream hierarchy, a permission on a depot is almost equivalent to one on the depot's base stream. The only difference is that a depot permission also affects access to the depot's issues.
all: the user(s) can access the resource.
none: the user(s) cannot access the resource.
yes: the permission applies to the depot, and also to the depot's entire stream hierarchy.
no: the permission applies only to the depot, not to any of the depot's version-controlled elements.
yes: the permission applies to the entire subhierarchy below the stream in the Resource column.
no: the permission applies only to the stream in the Resource column, not to any lower-level stream.
|
•
|
Anchor, Defunct, Populate, Revert to Basis, Revert to Most Recent Version, Update and File Browser searches check the current workspace.
|
|
•
|
Annotate, View, and Send to Workspace check the stream of the version being accessed. Send to Workspace also checks the current workspace.
|
|
•
|
Promote checks the stream to which the version(s) are being promoted.
|
|
•
|
Include from Stream and Clear Rule check both streams involved in the cross-link.
|
|
•
|
The various Diff Against ... commands check the streams of both versions being compared.
|
|
•
|
Merge checks the workspace/stream in which you're doing the merge, as well as any stream explicitly mentioned on the command line.
|
|
•
|
Remove and Reactivate stream check the stream being changed.
|
|
•
|
New Workspace, New Stream, and New Snapshot check the specified backing stream for the workspace/stream/snapshot being created.
|
|
•
|
Change Stream checks the stream being changed (and, if appropriate, its new backing stream).
|
|
•
|
View Streams checks the depot.
|
|
•
|
In a Stream Browser tab, Show History checks the selected stream. In a Depots tab, Show History checks the selected depot.
|
Two or more permissions on a resource can apply to the same user, or to the same stream. In such cases, an all permission overrides one or more none permissions. This makes it easy to implement "all but" access controls.
Example 1: "all but" at the user level
The permissions shown here prevent everyone in the Cupertino group -- except for users charlie and jalan -- from accessing stream velo.
Example 2: "all but" at the stream level
The permissions shown here restrict the Lowell group to working in the maint stream subhierarchy. Members of this group cannot work with other streams in the velo depot.
Add ACL Entry
Change ACL EntryResource: Select one of the repository's depots from the Depot listbox.
|
•
|
If you want the permission to apply to the depot itself, leave the Set Permission for Stream checkbox cleared.
|
|
•
|
If you want the permission to apply to one of the depot's stream, check the Set Permission for Stream checkbox, and choose a stream from the Stream listbox.
|
|
•
|
Security Group: Use the radio buttons (and listboxes) to specify an individual user or a single group to which the permission will apply. (You can't specify multiple users or groups, but you can produce the same effect by creating multiple permissions on the same resource.)
Remove ACL Entry