问题
We are planning to switch from SVN to a DVCS, probably mercurial. To collaborate, we'd like to still have a central server though. Currently, we use AuthzSVNAccessFile for ACLs and authentication to our central SVN server.
In the ACL file, we granted read/write access to groups/users to complete repositories or only subdirectories similar to that example (however for many repositories):
[repo:/foo]
bob = rw
[repo:/bar]
alice = rw
[repo:/common]
@repo-clients = r
The question is: what is the mercurial way of granting access with such fine-grained ACLs? Which HTTPS based server solution should we use? We'd like to have the ACL configuration for all repositories in one common file. Furthermore, we don't want to use SSH-key authentication mechanisms to keep the hurdle to use collaboration over our server low also for non-tech teams.
回答1:
what is the mercurial way of granting access with such fine-grained ACLs?
ACL Extension
Which HTTPS based server solution should we use?
Any, while recommended shell for ACL is hg-ssh
We'd like to have the ACL configuration for all repositories in one common file.
All ACL extension settings have to be confugured in hgrc
Furthermore, we don't want to use SSH-key authentication mechanisms to keep the hurdle to use collaboration over our server low
Rhodecode is nice, if you can run it
Puttyget+Pageant (for Win-sude) is usable for ordinary users (tested), but: ACL is protocol-agnostic, thus you can use http|https (and will be ready to possible additional headache around https)
回答2:
You could setup a RHodeCode which has user groups, and repository groups and a nice UI for the server.
来源:https://stackoverflow.com/questions/8103499/fine-grained-acls-for-mercurial-on-own-server