In our repository, we would like to be able to set up permissions so
that
specific groups of people (in particular, co-op students who are only
with
us for four months) can only check out from specific areas of the
repository. In general, full-time staff have access to most, if not
all,
areas of the repository.
We currently use permissions, groups and ACLs at the operating system
level
to achieve this, however there are drawbacks. Full-time staff are in
one
group, and co-op students are in different groups. When one group adds
a
directory to the repository, the other group cannot access that
directory
until its ACLs are updated. This is usually done automatically by an
overnight cron job, but it can be run on-demand.
The cvs_acls script is great for this kind of control - but it only
works at
check-in, not at check-out (we don't want our co-op students checking
out
significant portions of the repository, burning it to a CD and selling
our
intellectual property to our competitors).
For us, an equivalent to the 'commitinfo' which runs at checkout-time
would
be very useful. The trigger would behave the same - an exit code of 0
allows
the checkout to proceed, and a non-zero exit code aborts the checkout.
Are
we unique in this requirement, or are there other people on this list
who
would find a checkout trigger useful?