Is it possible to prevent users from delivering change sets to a component within a stream ?
For instance, an "Integration" stream should never see any deliver from the developers: only the integration team should be able to modify that "Integration" stream.
And yet, right now, any collaborator of the project area are able to make a repo workspace and, by changing its flow target (i.e. adding that "Integration" Stream and setting it "current"), are able to just deliver to that stream!?
How can I prevent that?
Yes, but the restriction is rather about authorizing the deliver for anyone having a specific role, rather than restraining just one person by name.
So if that one person doesn't have a specific role associated with his/her profile in that Project Area, he/she won't be able to deliver on that stream.
You need to add a hook, through the "Operation Behavior" section, for the "deliver (server)" operation. See the illustration:
The hook "Restrict Change set delivery to components in a stream" will allow only the users with the role "release_engineer" (custom role created just for our project) to deliver on the Stream mentioned in the field "Stream", for the components listed in the "Component / Permissions" array.
来源:https://stackoverflow.com/questions/10518954/restrict-user-access-at-component-level-within-a-stream