It's all about the answers!

Ask a question

Is it possible to prevent usage of scmtools by roles

Karthik Krishnan (8594100149) | asked Nov 05 '12, 4:04 a.m.
 I am wondering if it's possible to prevent the usage of SCM tools via roles and permissions in RTC?

Accepted answer

permanent link
Ralph Schoon (60.7k33643) | answered Nov 05 '12, 6:42 a.m.
edited Nov 05 '12, 6:43 a.m.

you can prevent from SCM save/alter operations by role in the team configuration permission. There is no difference in the operations for UI and SCM tools that I am aware of. The server does not know if it is a UI or the SCM tools.
If you want to prevent certain users from seeing streams you can look into the ownership and visibility options. This is not by role, but by team membership. If you want to allow some users/roles only to be able to see work items and no SCM at all, you can split the work into two project areas and use the read access settings to prevent users from seeing the SM project. Again, this is not by role as far as I can tell.
Karthik Krishnan selected this answer as the correct answer

Karthik Krishnan commented Nov 05 '12, 9:02 a.m.

Thanks Ralph. I will be more specific :-)

If I understand correctly, the SCM tools is more or less doing the  same job as GUI based. Our objective is we don't want users to try something weird with the command line tools which can mess up the stream / components etc since the scm tools can be downloaded by anyone from 

So I was wondering if it's possible to control this kind of behavior 

Karthik Krishnan

Ralph Schoon commented Nov 05 '12, 9:16 a.m.

Thanks for the clarification, but I don't know if the server can detect if it is the SCM tools or any other UI. I would guess no. I am certainly not aware of any setting e.g. in the advanced attributes that could switch off specific API's for specific client types..

Maybe someone else can help here.

Tim Mok commented Nov 05 '12, 2:05 p.m.

There is no way to restrict which clients can be used. If you're worried that users will mess up configurations, you'll have to trust they know what they're doing with a GUI as much as the command line. A user can do just as much damage with the GUI, if not more, as with the command line.

You'll be safe against losing data though. Users can't drop a component from your stream without an automatic baseline being created (if changes were delivered since the last baseline). You'll always be able to re-add components back at the state they were dropped.

For deliveries, you'll just have to trust those with deliver rights will deliver the correct change sets. For accidental deliveries, you'll have to manually discard change sets and drop components. Otherwise, you're covered from people accidentally discarding change sets and dropping components.

Karthik Krishnan commented Nov 07 '12, 2:36 a.m.

Guess trust is the only option now  :-) 

Many thanks for clarifying


Your answer

Register or to post your answer.