Controlling security and user access

Surround SCM includes extensive security options that can be configured to provide as much or as little security as needed. Most organizations only need to configure group, or server-level, security. You can also set repository and branch security.

Group users by role or function before you start configuring security and adding security groups. It may be helpful to create a list of the types of users who access Surround SCM. Also consider your company’s process and define roles and permissions accordingly. A strong security model allows you to be flexible in assigning access without risking data integrity. The following questions can help you get started:

  • What types of users need access to Surround SCM? For example, project leads, programmers, and testers.
  • What activities can users in the group perform? For example, access to promote and rebase files.
  • Which repositories can the users in the group access? For example, restrict teams to specific repositories.
  • How does the build process work? For example, apply read-only branch security after a software release.
See Surround SCM Security Best Practices for recommendations about user, database, and server management to keep data secure.

Example

For example, a project team may include one or more of the following:

  • An administrator with access to all commands
  • A project lead with access to most commands, but is restricted from advanced features, such as creating mainline branches, adding users, or editing server options
  • One or more developers with access to most file and branch commands, but are restricted from most admin, user, and group commands
  • One or more testers with access only to basic commands, such as getting and viewing files
  • A customer restricted to viewing one repository

Related Topics Link IconSee also