The approach I've been playing around with goes something like this.
(It's very perforce specific)
Extend the authentication to get a perforce ticket for the user when
they log in. Add it to the user's account as some sort of scmtool
authentication token. This will allow p4 commands to be issued
without the users password.
The scm perforce methods would have to be tweaked to try an perforce
command with the user's account instead of the general repository
account. (Maybe the flag on the repository could be used for this?)
Would it be pretty straightforward to use the user's account name
instead of the repository account?
Then tweak the exception handling to display nice messages when a diff
can't be applied to the full code from source control.
I'm just not sure how scm neutral that approach would be. I'm not as
familiar with this sort of access control in CVS or SVN.
-Brian
On Jun 27, 4:19 pm, "Christian Hammond" <
chip...@chipx86.com> wrote:
> The desired setup is going to vary depending on a company's install, and
> this is going to take a lot of work to get right. I'm unsure how best to
> implement this, but I imagine what we'll want is:
>
> * A flag on a Repository indicating whether it's "public" (anyone can
> post/view reviews on it).
> * A list of users on a Repository who have access to reviews on that
> repository. (Used only when the public flag is not set).
>
> We wouldn't be able to use the Django permissions because those are more for
> "Joe can view entries on this model" rather than "this particular instance
> of the model."
>
> We'd then need some way of automatically adding people to the list based
> on..... something. That I don't know. Whatever mechanism we chose would need
> to be generic enough to allow for people to use it with different setups.
>
> Christian
>
> --