Synopsis
Control users' access to files, directories, and commands.Syntax
p4 [g-opts] protectp4 [g-opts] protect -o
p4 [g-opts] protect -i
Description
Use p4 protect to control Perforce permissions. You can use p4 protect to:
- Control which files particular users can access;
- Manage which commands particular users are allowed to use;
- Combine the two, allowing one user to write one set of files but only be able to read other files;
- Grant permissions to groups of users, as defined with p4 group;
- Limit access to particular IP addresses, so that only users at these IP addresses can run Perforce.
|
Access Level |
What the User Can Do |
|---|---|
|
list |
The user can access all the Perforce metadata, but has no access to file contents. The user can run all the commands that describe Perforce objects, such as p4 files, p4 client, p4 job, p4 describe, p4 branch, etc. |
|
read |
The user can do everything permitted with list access, and also run any command that involves reading file data, including p4 print, p4 diff, p4 sync, and so on. |
|
open |
This gives the user permission to do everything she can do with read access, and gives her permission to p4 add, p4 edit, and p4 delete files. However, the user is not allowed to lock files or submit files to the depot. |
|
write |
The user can do all of the above, and can also write files with p4 submit and lock them with p4 lock. |
|
review |
This permission is meant for external programs that access Perforce. It gives the external programs permission to do anything that list and read can do, and grants permission to run p4 review and p4 counter. It does not include open or write access. |
|
super |
Includes all of the above, plus access to the superuser commands such as p4 verify, p4 obliterate, p4 jobspec, and so on. |
Form Fields
When you run p4 protect, Perforce displays a form with a single field, Protections:. Each permission is specified in its own indented line under the Protections: header, and has five values:
|
Column |
Description |
|---|---|
|
Access Level |
One of the access levels list, read, open, write, review, or super, as defined above. |
|
User or Group |
Does this protection apply to a user or a group? The value of this field must be user or group. |
|
Group Name or User Name |
The name of the user or the name of the group, as defined by p4 group. To grant this permission to all users, use the * wildcard. |
|
Host |
The IP address. Use the * wildcard to refer to all IP addresses. |
|
Depot File Path |
The depot file path this permission is granted on, in Perforce depot syntax. The file specification can contain Perforce wildcards. To exclude this mapping from the permission set, use a dash (-) as the first character of this value. |
When exclusionary mappings are not used, a user is granted the highest permission level listed in the union of all the mappings that match the user, the user's IP address, and the files the user is trying to access. In this case, the order of the mappings is irrelevant.
When exclusionary mappings are used, order is relevant: the exclusionary mapping override any matching protections listed above it in the table. No matter which access level is being denied in the exclusionary protection, all the access levels for the matching users, files, and IP addresses are denied.
Options
-i
Read the form from standard input without invoking an editor.
-o
Write the form to standard output without invoking an editor.
See the Global Options section.
|
-i |
Read the form from standard input without invoking an editor. |
|
-o |
Write the form to standard output without invoking an editor. |
|
See the Global Options section. |
Usage Notes
- Each access level includes all the access levels below it, as illustrated in this chart:
- Access levels determine which commands the user is allowed to use. The following table lists the minimum access level required for a user to run each command For example, since p4 add requires at least open access, p4 add can be run if open, write, or super protections are granted.
a This command doesn't operate on specific files. Thus, permission is granted to run the command if the user has the specified access to at least one file in the depot.
b The -o flag to this command, which allows the form to be read but not edited, requires only list access.
c list access is required to view an existing counter's value; review access is required to change a counter's value or create a new counter.
d To run p4 integrate, the user needs open access on the target files and read access on the donor files.
- When a new Perforce server is installed, anyone who wants to use Perforce is allowed to, and all Perforce users are superusers. The first time anyone runs p4 protect, the invoking user is made the superuser, and everyone else is given write permission on all files. For your safety, run p4 protect immediately after installation.
- It is possible to deny yourself super access; if you accidentally deny yourself super access, you will subsequently be unable to run p4 protect. To get around this, remove the db.protect table under P4ROOT of the Perforce server.
- In the course of normal operation, you'll primarily grant users list, read, write, and super access levels. The open and review access levels are used less often.
- Those commands that list files, such as p4 describe, will only list those files to which the user has at least list access.
- Some commands (for instance, p4 change, when editing a previously submitted changelist) take a -f flag which can only be run by Perforce superusers.
- The open access level gives the user permission to change files but not submit them to the depot. Use this when you're temporarily freezing a codeline, but don't want to stop your developers from working, or when you employ testers who are allowed to change code for their own use but aren't allowed to make permanent changes to the codeline.
- The review access level is meant for review daemons that need to access counter values.
- If you write a review daemon that requires both review and write access, but shouldn't have super access, grant the daemon both review and write access on two separate lines of the protections table.
- To limit or eliminate the use of the files on a particular server as a remote depot from a different server (as defined by p4 depot), create protections for user remote. Remote depots are always accessed by a virtual user named remote.
- For further information, consult the Protections chapter of the Perforce System Administrator's Guide.
Examples
Suppose that user joe is a member of groups devgroup and buggroup, as set by p4 group, and the protections table reads as follows:
|
super user bill * //... |
Joe attempts a number of operations. His success or failure at each is described below:
|
From IP address... |
Joe tries... |
Results |
|---|---|---|
|
10.14.10.1 |
p4 print //depot/misc/... |
Succeeds. The second line grants Joe write access on these files; write access includes read access, and this protection isn't excluded by any subsequent lines. |
|
10.14.10.1 |
p4 print //depot/proj/README |
Fails. The third line removes all of Joe's permissions on any files in this directory. (If the second protection and the third protection had been switched, then the subsequent protection would have overridden this one, and Joe would have succeeded). |
|
192.168.100.123 |
p4 print //depot/proj/README |
Succeeds. Joe is sitting at an IP address from which he is granted this permission in the fourth line. |
|
192.168.100.123 |
p4 verify //depot/misc/... |
Fails. p4 verify requires super access; Joe doesn't have this access level no matter which IP address he's coming from. |
Related Commands