Grant permissions

The Git Connector authenticates Git users through HTTP or SSH (see Set up Git users to work with the Git Connector) and allows them to access resources by pull, push, and clone transactions through user or group permissions in the P4 Server.

For details on P4 Server permissions, see Secure the server . For details on the p4 protect command, see p4 protect in the P4 CLI Reference.

For details on access control policies related to graph depots, see Manage access to graph depots and repos.

If you encounter a reference to the gconn-user, this is the GConn P4 user.

The Git Connector configuration script grants the gconn-user the graph depot permission of admin for all graph depots automatically. However, this only takes effect if the gconn-user has an entry in the P4 protections spec form. We therefore recommend that the gconn-user be given the list protection for a graph depot.

As super, perform the following steps to grant the required permissions:

Add the user gconn-user to the protections spec form with the list protection. To do so, run the p4 protect command to open the protections spec form:
```
$ p4 protect
```
and add the following line to the protections spec form:
```
list user gconn-user * //repo/...
```
then save the spec.
(optional) Grant admin permission to another user so that this user can manage permissions for repos and graph depots:
```
$ p4 grant-permission -d graphDepotName -u username -p admin 
```
(optional) Grant some P4 users the permission to create repos for specific graph depots:
```
$ p4 grant-permission -d graphDepotName -u username -p create-repo
```
(optional) Grant some P4 end-users permission to push repos to a graph depot:
```
$ p4 grant-permission -d graphDepotName -u username -p write-all 
```

Instead of granting permissions to single users, we recommend that you create groups, assign users to groups, and set permissions that are appropriate for that particular group. See Grant access to groups of users.