July 17, 2018

How to Protect Your Codebase While Not Burdening Your System Admin

Version Control
IP Protection

As development teams become larger and more widespread, protecting intellectual property (IP) is critical. One way to safeguard IP is through strict repository management practices.

With Helix Core, system administrators can control access as granularly as needed — down to the repository, branch, directory, or individual file. But, this can be quite a task when there are thousands of repositories and branches and only one or two admins to oversee them.

That’s why the Helix Core server has a self-service administration feature. System admins can allow project leads to delegate permissions to a specific group or user.

How it Works

Granting project leads permissions on their projects is an easy process. In the Protection table, select the “Owner” Access Level. Add the user or group who will be responsible for managing the permissions for the repository, project, or branch. 

To delegate permissions in Helix Core, select the Owner Access Level.
In the Protection table, select the “Owner” Access Level.
Add the user or group who will be responsible for managing the permissions for the repository, project, or branch.
Add the user or group who will be responsible for managing the permissions.

The user or group can now run the Protect command and assign permissions to the project without needing to contact the system admin. 

Let’s say I added John as the owner and he runs the Protect command specifying the Depot path he has owner privileges to:  p4 protect //gwt-streams/…

He can enter a user or group with permissions on the gwt-streams Depot.

The owner of the repository can enter a user or group with permissions on the respective Depot.
Administrator output from p4 protect repository path command.

Gale, or any user in the gwt-dev group, has write permissions to the branches in the gwt-streams repository.  The administrator no longer needs to assign this task. What’s more, the Protection table is still secure.  John can only modify and see the SubPath for //gwt-streams; nothing else in the Protection table is exposed.

If John wants to view the settings he just modified as the owner of the repository, he can run the Protect command with the Depot path: p4 protect -o //gwt-streams/…

A system admin can run the above command or the p4 Protects Quick View Command to see what access level Gale has in the Helix Core server.

A system admin can run a command to see what access level Gale has in the Helix Core server.
Administrator output from p4 protects - user command.

See how easy it is to delegate permissions when you sign up for Helix Core. A full version of Helix Core is free for teams up to 5 users. Or, contact our sales team for a custom demo.