[SCM] - Restrict read access for a component to a Team Area
Is it possible to restrict read access to a specific Team Area?
Imagine following scenario where I have a Project Area with different
Team Areas (A, B, and C) and different Components (A, B and C). Each
Team Area should see and work just with its component. Does it make
sense such scenario? Or I should define three different Project Areas to
achieve such isolation? Or I should define three different streams
inside the same Project Area?
Thanks in advance,
Chemi.
Imagine following scenario where I have a Project Area with different
Team Areas (A, B, and C) and different Components (A, B and C). Each
Team Area should see and work just with its component. Does it make
sense such scenario? Or I should define three different Project Areas to
achieve such isolation? Or I should define three different streams
inside the same Project Area?
Thanks in advance,
Chemi.
3 answers
No, you can only restrict read access at the project area level.
So you would need to create different project areas to define different
access control lists.
Cheers,
Geoff
Chemi wrote:
So you would need to create different project areas to define different
access control lists.
Cheers,
Geoff
Chemi wrote:
Is it possible to restrict read access to a specific Team Area?
Imagine following scenario where I have a Project Area with different
Team Areas (A, B, and C) and different Components (A, B and C). Each
Team Area should see and work just with its component. Does it make
sense such scenario? Or I should define three different Project Areas to
achieve such isolation? Or I should define three different streams
inside the same Project Area?
Thanks in advance,
Chemi.
Geoffrey Clemm wrote:
Hi Geoff. Just to make sure I understand your answer... you are
referring to the "access control" tab in the Project Area editor. Right?
So it is a matter of you can see the whole Project Area or you can't. We
can't drill down and be more specific trying to hide just a Stream or a
Team Area, etc...
And the new SCM authorization feature in 2.0, is about restricting write
access to components inside the same Project Area to people that,
although has write access to SCM in process configuration are not
members of a specific team for example.
And people from outside the Project Area never will have write access to
the streams because directly they are not members. Right?
Thanks a lot,
Chemi.
No, you can only restrict read access at the project area level.
So you would need to create different project areas to define different
access control lists.
Cheers,
Geoff
Hi Geoff. Just to make sure I understand your answer... you are
referring to the "access control" tab in the Project Area editor. Right?
So it is a matter of you can see the whole Project Area or you can't. We
can't drill down and be more specific trying to hide just a Stream or a
Team Area, etc...
And the new SCM authorization feature in 2.0, is about restricting write
access to components inside the same Project Area to people that,
although has write access to SCM in process configuration are not
members of a specific team for example.
And people from outside the Project Area never will have write access to
the streams because directly they are not members. Right?
Thanks a lot,
Chemi.
Chemi wrote:
Correct.
I assume by the "new SCM authorization feature", you are referring to
the fact that access control on a component is defined by which project
area that component belongs to? If so, this controls read access to
that component, not write access (although of course, if you don't have
read access, you don't have write access). Also note that with Jazz
access control, you have a choice between saying "anyone who is a member
of this project area or any team area in this project area can read it"
or "anyone in this particular list can read it", or "both".
In the access control tab, you can say "everone can read artifacts in
this project", and you also can give an explicit list of people (and
they don't have to be people that are members of that project area).
Cheers,
Geoff
Geoffrey Clemm wrote:
No, you can only restrict read access at the project area level.
So you would need to create different project areas to define
different access control lists.
Cheers,
Geoff
Hi Geoff. Just to make sure I understand your answer... you are
referring to the "access control" tab in the Project Area editor. Right?
So it is a matter of you can see the whole Project Area or you can't. We
can't drill down and be more specific trying to hide just a Stream or a
Team Area, etc...
Correct.
And the new SCM authorization feature in 2.0, is about restricting write
access to components inside the same Project Area to people that,
although has write access to SCM in process configuration are not
members of a specific team for example.
I assume by the "new SCM authorization feature", you are referring to
the fact that access control on a component is defined by which project
area that component belongs to? If so, this controls read access to
that component, not write access (although of course, if you don't have
read access, you don't have write access). Also note that with Jazz
access control, you have a choice between saying "anyone who is a member
of this project area or any team area in this project area can read it"
or "anyone in this particular list can read it", or "both".
And people from outside the Project Area never will have write access to
the streams because directly they are not members. Right?
In the access control tab, you can say "everone can read artifacts in
this project", and you also can give an explicit list of people (and
they don't have to be people that are members of that project area).
Cheers,
Geoff