[PATCH - BACL] Branch access control extension
Elifarley Callado Coelho Cruz
elifarley at gmail.com
Wed Apr 14 08:09:45 CDT 2010
On Wed, Apr 14, 2010 at 09:55, Benoit Boissinot <bboissin at gmail.com> wrote:
> I wonder if we could come up with a better scheme.
>
> Benoit
>
An example is worth a thousand words (or is it a picture?)
Anyways, here's my proposal:
[acl]
sources = serve
# Everyone is denied to the frozen branch:
deny-branch: frozen-branch = *
# A bad user is denied on all branches:
deny-branch: * = bad-user
# A few users are allowed on branch-a:
allow-branch: branch-a = user-1, user-2, user-3
# Only one user is allowed on branch-b:
allow-branch: branch-b = user-1
# The super user is allowed on any branch:
allow-branch: * = super-user
# Everyone is allowed on branch-for-tests:
allow-branch: branch-for-tests = *
# user6 won't have write access to any file:
deny: ** = user6
# Nobody will be able to change 'DONT-TOUCH-THIS.txt', despite everyone
being able to change all other files. See below.)
deny: src/main/resources/DONT-TOUCH-THIS.txt = *
# if acl.allow not present, all users allowed by default
# empty acl.allow = no users allowed
# User 'doc_writer' has write access to any file under the 'docs' folder:
allow: docs/** = doc_writer
# Everyone (except for 'user6'. See 'acl.deny' above) will have write access
to any file under the 'resources' folder (except for 1 file. See
'acl.deny'):
allow: src/main/resources/** = *
allow: .hgtags = release-engineer
---
Let me know if you like it.
--
Elifarley Cruz
Profile: http://bit.ly/9hrz0P
Professional info: http://br.linkedin.com/in/elifarley
Google Reader: http://bit.ly/2W7JK2
Bookmarks: http://delicious.com/elifarley
http://twitter.com/elifarley
http://elifarley.amplify.com/
-
" Do not believe anything because it is said by an authority, or if it is
said to come from angels, or from Gods, or from an inspired source.
Believe it only if you have explored it in your own heart and mind and body
and found it to be true. Work out your own path, through diligence."
- Gautama Buddha
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://selenic.com/pipermail/mercurial-devel/attachments/20100414/eddbdc79/attachment.htm>
More information about the Mercurial-devel
mailing list