Mercurial ACL,是否可以向一个分支授予一组权限,但拒绝其他所有权限?
基本上,
[acl.groups]
group1=user1,user2
group2=user3,user4
[acl.allow.branch]
default=*
[acl.deny.branch]
*=@group2
由于 Mercurial 首先查看拒绝,所以它会忽略 acl.allow...我们的存储库有许多分支,这些分支都标有票号。我不可能拒绝每个单独的分支(并且分支上的通配符匹配似乎不起作用)
我想拒绝 group2 的每个分支,但默认
这可能吗?
Basically
[acl.groups]
group1=user1,user2
group2=user3,user4
[acl.allow.branch]
default=*
[acl.deny.branch]
*=@group2
Since Mercurial looks at deny first, it ignores acl.allow...our repo has many branches which are labeled with ticket numbers. I can't possible deny each individual branch (and wild card matching on branches do not seem to work)
I would like to deny every branch to group2 but default
Is this possible?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
好吧,我解决了这个问题,并找到了解决方案:您不需要在配置中将组列入黑名单,因为您已经有一个白名单。白名单以这种方式工作,当它存在并且没有用户条目匹配时,用户将被拒绝(src)。因此,您只需要一个白名单,其中默认分支允许所有用户使用,所有其他分支仅允许分支人员使用。由于非分支机构人员没有列入白名单,因此没有权限。
Ok, I slept over the problem, and found the solution: You don't need to black list groups in your configuration, since you already have a white list. The white list works that way, that when it is present and no user entry matches, the user is denied (src). So you only need a white list, where default branch is permitted to all users, and all other branches are permitted to the branch people only. Since the non-branch people are not listed in the white list, they don't have permissions on them.