Xorcist Posted September 6, 2013 Report Share Posted September 6, 2013 Is there any way to flag a repository (in this case using MSSQL) so that users don't have the option of selecting it for pulling/pushing/syncing. I have certain old repos that I want to depreciate, but not delete entirely. We just had an issue were a user synced to or from a backup repo and somehow created two heads, which then broke it horribly. We then needed to perform a couple hours of fixes to get everything back in order. Just hoping to prevent this in the future. P.S. I know I can attempt to move the repos to a new server and then just delete them from the main server, but that would require me to setup another server. Link to comment Share on other sites More sharing options...
manu Posted September 9, 2013 Report Share Posted September 9, 2013 Hi Xorcist! You can remove the view/read permission for those users and they will not be able to perform any action over the repositories. You, as the admin user, will be able to continue working with them. Link to comment Share on other sites More sharing options...
Xorcist Posted September 9, 2013 Author Report Share Posted September 9, 2013 I think I made a mistake. I removed view/read from the Server Repository Permissions and now all the repositories are not showing. Any way to fix this? I tried: cm acl -user=all -allowed=+view,+read but that didn't work, I think I might have been missing a parameter because it gave me the usage text afterwards. EDIT: got it fixed I needed to add on the repserver option, for that server. Ended up being this: cm acl -user=all -allowed=+view,+read repserver:LOCALHOST:8087 Link to comment Share on other sites More sharing options...
Xorcist Posted September 9, 2013 Author Report Share Posted September 9, 2013 Okay, so seems I have another issue. This time I applied permissions directory to a repository. But once again it disappeared. I guess this is due to setting permissions under ALL USERS. I'm logged in as an admin, so I'm not 100% sure why I can't see it. Worse yet, I can't seem to get the repo back. It keeps listing that I don't have permissions for the operation view. Do I need view permissions to set permissions? This is the line I'm trying to run: cm acl -user=all -allowed=+view,+read -denied=-view,-read rep:tsHeilman@LOCALHOST: EDIT: I ended up just hacking the database directly to get it back (so it matched one that was showing up). Probably not the best idea, but it worked (required a plastic service restart though). P.S. What is the proper way to set these permissions to that I can always access them, but other users can't. Do I need to create a new user for myself and assign permissions to all the repos for myself, then remove read/view permissions from all users? Most of the repos are owned by their respective creators and I'd rather not change that if I don't have too. Link to comment Share on other sites More sharing options...
manu Posted September 10, 2013 Report Share Posted September 10, 2013 EDIT: I ended up just hacking the database directly to get it back (so it matched one that was showing up). Probably not the best idea, but it worked (required a plastic service restart though). You deserve one of our new t shirts, send me your address in a PM and I'll take case of sending you one. P.S. What is the proper way to set these permissions to that I can always access them, but other users can't. Do I need to create a new user for myself and assign permissions to all the repos for myself, then remove read/view permissions from all users? Most of the repos are owned by their respective creators and I'd rather not change that if I don't have too. I would create groups so you can define a security policy per group. Adding or denying everything for ALL_USERS can lead into problems , it's easier if you deny the access for a certain user or group. You don't even need to deny the permission, you can uncheck the allow checkbox. And always, always, always define a root user. The root user is the owner of the repository server item. (Right click in any of your reps -> Repository server permissions -> Owner -> You) Link to comment Share on other sites More sharing options...
Xorcist Posted September 10, 2013 Author Report Share Posted September 10, 2013 I would create groups so you can define a security policy per group. Adding or denying everything for ALL_USERS can lead into problems , it's easier if you deny the access for a certain user or group. You don't even need to deny the permission, you can uncheck the allow checkbox. And always, always, always define a root user. The root user is the owner of the repository server item. (Right click in any of your reps -> Repository server permissions -> Owner -> You) Ah, that makes sense. Thanks. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.