Re: building git ; need suggestion

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Friday, March 15, 2013 at 08:52 EDT,
     Joydeep Bakshi <joydeep.bakshi@xxxxxxxxxxxxxxx> wrote:

> On 15-Mar-2013, at 6:14 PM, Fredrik Gustafsson <iveqy@xxxxxxxxx> wrote:
> 
> > gitolite have a more fine ACL. Check it out. However it doesn't
> > really meet your needs with web-interface (and I'm not even sure
> > about the ACL thing is fine enough for you). You can read more about
> > ACL in the git book: http://git-scm.com/book/ch7-4.html
> > 
> > The webgui that's most populair is cgit and git-web. They don't do
> > ACL afaik.
> > 
> > Why would you need ACL? Why not don't share the branches that are
> > going to be secret? Or are you looking for some branches to be read
> > only?
> 
> Actually the branches have to be dedicated to a group of users.
>  developer branch ---> developers
> bug fixed branch --- > bug fixer
> 
> and specific group don't need to RW permission on other branch.
> Obviously the admin must have the full permission on all these branches
> and merge as per requirement.

Right, but that's R/W permissions. Almost any piece of Git hosting
software supports restriction of pushes. Discriminating *read* access
between developers and maintenance people sounds like a disaster if it's
the same organization. Well, it sounds like a disaster even if there are
two different organizations working on development and maintenance, but
at least it's a reason.

Anyway, Gerrit supports per-branch read ACLs. As long as all changes go
through code review, perhaps Gerrit web interface works sufficiently
well as a repository viewer? Pushes that bypass code review won't show
up there.

http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/access-control.html#category_read

> The web-interface is required for checking the history by the users
> themselves and for code review. I don't know any web interface which
> can show repo/branch based on authentication. I have tried gitweb but
> it can handle a single repo or multiple repo with single
> authentication. NO ACL

If you just have two levels of access you could have two separate
Gitweb sites and use Gerrit to replicate a subset of the branches
to each site. You could e.g. have gitweb-dev.example.com and
gitweb-maint.example.com and grant access to those sites accordingly.

-- 
Magnus Bäck
baeck@xxxxxxxxxx
--
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]