A gerrit question about restriction branch access

[Gaurav Negi]

Dear Gerrit experts,

    Can we restrict read access of certain branches to some group in Gerrit. 

example, my repo has 10 branches. But for a particular group A, I want to share only 4 branches with them. 

Means, when Group A clone the repo, they get only those 4 branches in their local. 

Others should get all 10.

Is that possible in Gerrit? 

Please let me know.

Thanks

-Gaurav

[Doug Kelly]

Yes it is.  Instead of granting permissions at the refs/heads/* level or refs/* level, you would want to grant specific access to a specific branch.   It is also possible to use regular expressions instead of specifying each branch individually.

You may want to refer to the access controls documentation:

https://gerrit-review.googlesource.com/Documentation/access-control.html

Specifically, you want to restrict Read, and also understand the difference between a BLOCK and DENY permission (or how the exclusive permissions work).  Basically, there are lots of ways you could do this.  We explicitly allow write to only a handful of branches (using the regex wildcarding), and no other write access is granted, so the result is an implicit block.  The same could be done for read permissions.

--Doug

[Edwin Kempin]

2015-01-13 21:21 GMT+01:00 Gaurav Negi <gaura...@gmail.com>:

Hi Edwin,

   I put this question in the group. Didnot hear from anyone. Can you please reply?

Thanks

-Gaurav

Yes, it's possible. Make sure that Group A has only Read permissions [1] on the 4 branches,
but not on the other 6 branches.

Others should have Read permissions on all the 10 branches.

[1] https://gerrit-review.googlesource.com/Documentation/access-control.html#category_read