自己服务器上Mercurial的细粒度ACL [英] Fine Grained ACLs For Mercurial On Own Server
问题描述
我们正计划从SVN切换到DVCS,这很可能是出于商业目的.为了进行协作,我们希望仍然有一个中央服务器.当前,我们使用AuthzSVNAccessFile进行ACL和对中央SVN服务器的身份验证.
We are planning to switch from SVN to a DVCS, probably mercurial. To collaborate, we'd like to still have a central server though. Currently, we use AuthzSVNAccessFile for ACLs and authentication to our central SVN server.
在ACL文件中,我们授予了对组/用户的读/写访问权限,以完成存储库或仅与该示例类似的子目录(但是对于许多存储库):
In the ACL file, we granted read/write access to groups/users to complete repositories or only subdirectories similar to that example (however for many repositories):
[repo:/foo]
bob = rw
[repo:/bar]
alice = rw
[repo:/common]
@repo-clients = r
问题是:通过这种细粒度的ACL授予访问权限的商业方式是什么?我们应该使用哪种基于HTTPS的服务器解决方案?我们希望在一个公共文件中具有所有存储库的ACL配置.此外,对于非技术团队,我们也不想使用SSH密钥身份验证机制来降低在服务器上使用协作的障碍.
The question is: what is the mercurial way of granting access with such fine-grained ACLs? Which HTTPS based server solution should we use? We'd like to have the ACL configuration for all repositories in one common file. Furthermore, we don't want to use SSH-key authentication mechanisms to keep the hurdle to use collaboration over our server low also for non-tech teams.
推荐答案
通过这种细粒度的ACL授予访问权限的商业方式是什么?
what is the mercurial way of granting access with such fine-grained ACLs?
我们应该使用哪个基于HTTPS的服务器解决方案?
Which HTTPS based server solution should we use?
任何时候,尽管ACL的推荐外壳为 hg-ssh
Any, while recommended shell for ACL is hg-ssh
我们希望在一个公共文件中具有所有存储库的ACL配置.
We'd like to have the ACL configuration for all repositories in one common file.
必须在hgrc中配置所有ACL扩展名设置
All ACL extension settings have to be confugured in hgrc
此外,我们不想使用SSH密钥身份验证机制来降低在服务器上使用协作的障碍
Furthermore, we don't want to use SSH-key authentication mechanisms to keep the hurdle to use collaboration over our server low
如果可以运行,Rhodecode很不错
Rhodecode is nice, if you can run it
Puttyget + Pageant(适用于Win-sude) 可用于普通用户(已测试),但是:ACL与协议无关,因此您可以使用http | https(并已准备就绪)关于https的其他头痛)
Puttyget+Pageant (for Win-sude) is usable for ordinary users (tested), but: ACL is protocol-agnostic, thus you can use http|https (and will be ready to possible additional headache around https)
这篇关于自己服务器上Mercurial的细粒度ACL的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
