From: "Magnus Bäck" <baeck@google.com>
To: Joydeep Bakshi <joydeep.bakshi@infoservices.in>
Cc: Fredrik Gustafsson <iveqy@iveqy.com>, git@vger.kernel.org
Subject: Re: building git ; need suggestion
Date: Fri, 15 Mar 2013 09:14:05 -0400 [thread overview]
Message-ID: <20130315131403.GA27022@google.com> (raw)
In-Reply-To: <00107242-04EB-423F-90FE-A6DCDEE7E262@infoservices.in>
On Friday, March 15, 2013 at 08:52 EDT,
Joydeep Bakshi <joydeep.bakshi@infoservices.in> wrote:
> On 15-Mar-2013, at 6:14 PM, Fredrik Gustafsson <iveqy@iveqy.com> wrote:
>
> > gitolite have a more fine ACL. Check it out. However it doesn't
> > really meet your needs with web-interface (and I'm not even sure
> > about the ACL thing is fine enough for you). You can read more about
> > ACL in the git book: http://git-scm.com/book/ch7-4.html
> >
> > The webgui that's most populair is cgit and git-web. They don't do
> > ACL afaik.
> >
> > Why would you need ACL? Why not don't share the branches that are
> > going to be secret? Or are you looking for some branches to be read
> > only?
>
> Actually the branches have to be dedicated to a group of users.
> developer branch ---> developers
> bug fixed branch --- > bug fixer
>
> and specific group don't need to RW permission on other branch.
> Obviously the admin must have the full permission on all these branches
> and merge as per requirement.
Right, but that's R/W permissions. Almost any piece of Git hosting
software supports restriction of pushes. Discriminating *read* access
between developers and maintenance people sounds like a disaster if it's
the same organization. Well, it sounds like a disaster even if there are
two different organizations working on development and maintenance, but
at least it's a reason.
Anyway, Gerrit supports per-branch read ACLs. As long as all changes go
through code review, perhaps Gerrit web interface works sufficiently
well as a repository viewer? Pushes that bypass code review won't show
up there.
http://gerrit-documentation.googlecode.com/svn/Documentation/2.5/access-control.html#category_read
> The web-interface is required for checking the history by the users
> themselves and for code review. I don't know any web interface which
> can show repo/branch based on authentication. I have tried gitweb but
> it can handle a single repo or multiple repo with single
> authentication. NO ACL
If you just have two levels of access you could have two separate
Gitweb sites and use Gerrit to replicate a subset of the branches
to each site. You could e.g. have gitweb-dev.example.com and
gitweb-maint.example.com and grant access to those sites accordingly.
--
Magnus Bäck
baeck@google.com
next prev parent reply other threads:[~2013-03-15 13:14 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-03-15 12:24 building git ; need suggestion Joydeep Bakshi
2013-03-15 12:43 ` Joydeep Bakshi
2013-03-15 12:44 ` Fredrik Gustafsson
2013-03-15 12:52 ` Joydeep Bakshi
2013-03-15 13:14 ` Magnus Bäck [this message]
2013-03-18 5:44 ` Joydeep Bakshi
2013-03-18 12:24 ` Joydeep Bakshi
2013-03-19 2:11 ` David Aguilar
2013-03-15 17:25 ` Paul Campbell
2013-03-15 13:56 ` Konstantin Khomoutov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130315131403.GA27022@google.com \
--to=baeck@google.com \
--cc=git@vger.kernel.org \
--cc=iveqy@iveqy.com \
--cc=joydeep.bakshi@infoservices.in \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).