Git - Using namespaces and restrict access
I'm currently trying to create a git repository on my server. But I need a "special" configuration for this. Below is the access tree:
- Project Repository Read/Write: Admin
- Dummy-Project Read/Write: Admin, PersonA
- Final-Project Read/Write: Admin, PersonA
- Developer-1-Namespace Read/Write: Admin, PersonA, Developer-1
- Developer-2-Namespace Read/Write: Admin, PersonA, Developer-2
- Developer-3-Namespace Read/Write: Admin, PersonA, Developer-3
So in detail there should be one repository for a project with different namespaces and access-groups. So every developer can act like he has his own repository and do all the usuall operations but to manage them easier as the admin they should be all in a single repository. And it's very important that Developers can't push/pull into the Dummy/Final-Project. They should have only access to their own inner "repository".
I heard namespaces can be used for this, but i don't know how and i can't find a proper documentation or tutorial on how to do that.
I hope someone here can help me with that.
Git itself doesn't support such fine-grained access control (you'd need to have separate repositories), but e.g. Gerrit Code Review does. Then you could give different groups of users access to different branches of the same repository.
It's not clear why having a single repository would be easier from an administrative point of view. If the branches for the different users are independent and there's no need to merge them it might be easier to have different repositories.
I was looking for something similar and gitolite (for authorization management) seems to be the answer to whatever has to do with fine-grained acces control to git. For your case, it will be combined with using namespaces. From gitolite manual:
"personal" branches are great for environments where developers need to share work but can't directly pull from each other (usually due to either a networking or authentication related reason, both common in corporate setups). Personal branches exist in a namespace of their own. The syntax is RW+ personal/USER/ = @userlist
About gitolite: http://git-scm.com/book/en/Git-on-the-Server-Gitolite