2

I have used SVN before and because I have a larger project which I have frequently changing developers working on I want to define file access on a package or file level. For example giving full access to basic classes, but only allow the reading and committing for special users in some cases.

Is there a version control system which would allow that, like GIT, CVS or SVN or is there a work around to do this? I do not have my own Server but I am using Codesion as a hosted service.

Dominik
  • 4,718
  • 13
  • 44
  • 58

1 Answers1

5

CVS is horrible (by comparison) and you shouldn't touch the stuff. The new DVCSs such as Git, Hg, Bzr, etc. do not let you set read permissions finer than at the whole-repository level. (Write permissions are fairly easy.)

You can set fine-grained read/write permissions using SVN (see the book). Beware that denying read access to parts of a repository is a rabbit-hole. I recommend splitting the project into separate (mostly self-contained) modules and granting or denying access to each module as a whole. For example,

project/  [world readable, writable by some]
moduleA/  [readable/writable by "team A"]
moduleB/  [readable/writable by "team B"]

You might also want to step back and ask yourself exactly why you need fine-grained access. If you're worried about developers absconding with your source code, then you have deep problems that cannot be solved with technology. If you are worried about admin passwords in your repository, then remove the admin passwords. I would say the primary use case for this kind of access control is to give customers SVN access to the code for the features they have purchased.

Dietrich Epp
  • 205,541
  • 37
  • 345
  • 415
  • 1
    There are still some reasons to use CVS, or even RCS. See [this answer](http://stackoverflow.com/a/7871646/827263). – Keith Thompson Dec 25 '11 at 04:16
  • "The new DVCSs such as Git, Hg, Bzr, etc. do not let you set read permissions finer than at the whole-repository level" statement is at least incorrect. ACL in Mercurial works on subtree level. Repo-hooks (hand-made) *may control* at the file-level also for any SCM, which have concept of hooks – Lazy Badger Dec 25 '11 at 04:50
  • You can do the same thing @Dietrich Epp suggests with git. Split the code into separate repositories and use gitolite to control access to the repositories. – wadesworld Dec 25 '11 at 05:06
  • 1
    @LazyBadger: How do you use a hook to prevent someone from checking out a file? See this question: http://stackoverflow.com/questions/3235730/mercurial-acl-extension-deny-pull-of-some-files – Dietrich Epp Dec 25 '11 at 05:10
  • @Dietrich-epp: I have right to make mistake, but... I thought about blocking transaction totally, if it contain unapproved file. Maybe, it's impossible - I didn't try to write such hook yet – Lazy Badger Dec 25 '11 at 05:22
  • 1
    @LazyBadger: That only works for writing. For reading, you have to be able to read the whole tree or the checkout doesn't work. – Dietrich Epp Dec 25 '11 at 05:28