[p4] Limiting users ability to create new branches

Looney, James B (N-ULA) james.b.looney at lmco.com
Wed Feb 27 08:15:15 PST 2008


Ah, so if they're not making the branch spec, even worse.  They're
cheating.

You could try using the protection table to give the group access to
parts of the tree, and restrict other areas.  But that assumes you are
going to keep on top of what the developers are doing and needing to
grant and remove access regularly.

Here's what we do:  We're 99% Unix, and have scripts in place to
automate a number of common actions including branch creation.  From a
purely server-side solution, I can't think of a good way to specifically
prevent the creation of clients in specific locations unless you have a
situation like ours:

I've written a wrapper (in Python, since it's platform independent)
which performs some upfront processing including doing some parsing
(mostly marshaling, using Perforce's -G option) to decide if the user
should be allowed to perform the specified action.  The wrapper is
called p4, and is in everyone's path, with the real p4 client off in
another location which most users don't know about but still have access
to (since the script calls the real client to do the work).

This isn't a fool proof method, but it works for nearly all or our
variations.

-James 

> -----Original Message-----
> From: Jamison, Shawn [mailto:sjamison at ciena.com] 
> Sent: Wednesday, February 27, 2008 8:24 AM
> To: Looney, James B (N-ULA); perforce-user at perforce.com
> Subject: RE: [p4] Limiting users ability to create new branches
> 
> Wouldn't that only work if they use a branch spec?
> 
> Wouldn't I have to parse the files section of a change list 
> and validate
> that the depot path is really a new branch?
> 
> Thanks
> 
> -Shawn Jamison>
> Ciena Corp.
> Perforce Admin
> 
> -----Original Message-----
> From: Looney, James B (N-ULA) [mailto:james.b.looney at lmco.com] 
> Sent: Wednesday, February 27, 2008 10:11 AM
> To: Jamison, Shawn; perforce-user at perforce.com
> Subject: RE: [p4] Limiting users ability to create new branches
> 
> Sounds like you might want to use a form-in trigger on 
> branches.  If you
> see the name of a person in the development group, reject it.  See
> Perforce's public depot ( http://public.perforce.com/public/index.html
> )or the admin docs for more on triggers(
> http://www.perforce.com/perforce/doc.042/manuals/p4sag/06_scri
> pting.html
> ). 
> 
> -James
> 
> > -----Original Message-----
> > From: perforce-user-bounces at perforce.com
> > [mailto:perforce-user-bounces at perforce.com] On Behalf Of Jamison, 
> > Shawn
> > Sent: Wednesday, February 27, 2008 7:22 AM
> > To: perforce-user at perforce.com
> > Subject: [p4] Limiting users ability to create new branches
> > 
> > I have the express need to limit a development groups ability to 
> > create new branches.
> > 
> > They seem to think that a new branch is the solution to every 
> > development problem.
> > 
> > 
> > Has anyone experienced this before or have any suggestions 
> on how to 
> > accomplish this?
> > 	Besides sending a dude named Tony to visit them with at baseball
> 
> > bat...
> > 
> > Thanks
> > -Shawn Jamison>
> > Ciena Corp.
> > Perforce Admin
> > 
> > _______________________________________________
> > perforce-user mailing list  -  perforce-user at perforce.com 
> > http://maillist.perforce.com/mailman/listinfo/perforce-user
> > 
> 



More information about the perforce-user mailing list