Folder level security and default rights not working

If you are having a problem using Vault, post a message here.

Moderator: SourceGear

Post Reply
matt_stephens
Posts: 27
Joined: Wed Mar 08, 2006 4:22 am

Folder level security and default rights not working

Post by matt_stephens » Wed Apr 26, 2006 6:06 am

We currently have 2 repositories, the default that was installed with vault and one which we've added most of our code to.
Until today we've used it with no folder level security but now we've added a bunch more users and will be adding other repositories we enabled folder level security on on our main code repository and left default repository alone.

I added a group that contains my user and assigned it RCA access to the root $ folder in our code repository. Finally i made all users default rights be just Read.

All would appear to be OK in the main code repository, i can check out, edit and check in files as before. However if i then use the default repository i can still check out and check in files even though my default rights are just Read.

We rebooted the server in case this info is cached but it still behaves the same.

I also tried logging on as one of the new users i have just added where i chose Read as the default access initially and added them to just one of our folders in the main code repository. Within the main code repository i see the expected behaviour so they can only checkout from the one folder we allowed access to. But if they access the default repository they can check out files despite only ever having been assigned Read access from the point their user account was created.

We're using Active Directory accounts to verify credentials if that might make a difference.

Should Vault work this way?
Top
lbauer
Posts: 9736
Joined: Tue Dec 16, 2003 1:25 pm
Location: SourceGear

Post by lbauer » Wed Apr 26, 2006 1:48 pm

Security settings for users, including default rights, are only enforced if Folder Security is enabled for the specific repository. The exception is that you can deny access to an entire repository with out enabling folder security on that repository.

We probably could be a little more clear about this in the Admin Tool.
Linda Bauer
SourceGear
Technical Support Manager
Top
matt_stephens
Posts: 27
Joined: Wed Mar 08, 2006 4:22 am

Post by matt_stephens » Thu Apr 27, 2006 2:47 am

Thanks, that makes sense now you explain it like that. We had assumed that you could restrict users globally with their default rights and then folder level security allowed finer control with Groups and permissions set at specific folder levels.

Matt
Top
Post Reply

Return to “Support (Vault)”