It's all about the answers!

Ask a question

Restricting visibility to change sets in a component

Harry Koehnemann (30125238) | asked Dec 30 '13, 11:22 a.m.
Is there a way to control visibility to the change sets within a component.  We can restrict access to the stream that contain the change sets - which seems like the right approach.  But a user who has access to a component can list all baselines on the component and then compare them - giving them the ability to see all change sets.  So restricting stream access doesn't really help us.

This specific scenario is a component being reused across multiple projects.  The project of interest has Dev and Main streams using shared components from several project areas.  Suppliers contribute to these streams, but they should not (contractually!) see changes in the streams of other project areas.  But if a user can list *all* baselines on the component, compare them, and see all changes.

The painful solution is to "copy" the components using the "Team > Move in Repository" trick where you deliver to the new component and discard to the original (not performing the move).  But we would need to "copy" the component twice for Dev and Maint - which creates two separate components and we cannot deliver changes between from Maint to Dev.  And that solution is really a hack.  We really want a common component.

Ideally I want to move the shared components to a new, public project area and lock them down within that project area.  No listing baselines, etc. on the component.  Only access the component and its artifacts from your stream.  But I don't see many permission restrictions on components.

Help?!?!  Many thanks for all thoughts and opinions.

Accepted answer

permanent link
Geoffrey Clemm (30.1k33035) | answered Dec 30 '13, 4:21 p.m.
edited Dec 30 '13, 5:20 p.m.
Your best approach to limiting visibility to a single stream is to use a separate repository, and use cross-repo delivery to deliver just the stream that you want to make visible to that other repository.
Harry Koehnemann selected this answer as the correct answer

Harry Koehnemann commented Dec 30 '13, 5:39 p.m. | edited Dec 30 '13, 6:30 p.m.

Many thanks for the quick response Geoff.  I played with that solution a little and seems like it would work -  the only visible baselines are the ones delivered to the remote stream.

This is an ongoing project - unfortunately cannot move.  But this solution would work otherwise.

Geoffrey Clemm commented Dec 30 '13, 7:50 p.m. | edited Dec 30 '13, 7:50 p.m.

Why would anything need to move?   You would need to allocate a second repository, if you don't already have one, but you wouldn't move anything from the first repository to the second repository ... you would just replicate the appropriate streams to the second repository.   You would then give the suppliers read access to the second repository components but not the first repository components.

Your answer

Register or to post your answer.

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.