Grant permissions
The Git Connector authenticates Git users through HTTP or SSH (see Set up Git users to work with the Git Connector) and allows them to access resources by pull, push, and clone transactions through user or group permissions in the Helix Server.
For details on
Helix Server permissions, see Securing the Server . For
details on the p4 protect command, see p4 protect in the
Helix Core Command-Line (P4) Reference.
For details on access control policies related to graph depots, see Manage access to graph depots and repos.
If you encounter a reference to the gconn-user, this is the GConn P4 user.
The Git Connector configuration script grants the gconn-user the graph depot permission of admin for all graph depots automatically. However, this only takes effect if the gconn-user has an entry in the Helix Core protections spec form. We therefore recommend that the gconn-user be given the list
protection for a graph depot.
As super, perform the following steps to grant the required permissions:
-
Add the user
gconn-userto the protections spec form with thelistprotection. To do so, run thep4 protectcommand to open the protections spec form:$ p4 protect
and add the following line to the protections spec form:
list user gconn-user * //repo/...
then save the spec.
-
(optional) Grant
adminpermission to another user so that this user can manage permissions for repos and graph depots:$ p4 grant-permission -d graphDepotName -u username -p admin
-
(optional) Grant some Helix Core users the permission to create repos for specific graph depots:
$ p4 grant-permission -d graphDepotName -u username -p create-repo
-
(optional) Grant some Helix Core end-users permission to push repos to a graph depot:
$ p4 grant-permission -d graphDepotName -u username -p write-all
Instead of granting permissions to single users, we recommend that you create groups, assign users to groups, and set permissions that are appropriate for that particular group. See Grant access to groups of users.
