Granting Global Permissions In Plastic: A Step-By-Step Guide

how to grant global permissions in plastic

PlasticSCM is a version control system that allows users to manage permissions for different groups. By default, the ALL USERS group has all permissions in the repository, but this can be changed by removing the group from the top of the hierarchy and defining custom access levels for specific users and groups. Unity Version Control (UVCS) allows users to control access to repositories and restrict certain operations, as well as enforce policies and best practices for development and deployment. Users can be given different levels of access to the repository server, including specific access to repositories, branches, and items.

Characteristics Values
Default group permissions ALL USERS group has all permissions
Customization Remove blanket access and customize access levels
User groups Administrators and Developers
User groups availability Only if "New experience" banner is not in the Version Control navigation menu
User groups management Available through Unity Cloud Dashboard
Permission replication Plastic replication system supports Copy mode, Name mode, and Translation table mode
Permission error message UVCS displays an error message specifying the missing permission
Global permissions Granted to groups of users
Global permissions management Available through System > Global permissions

shunpoly

Remove the ALL USERS group from the top of the hierarchy

By default, the ALL USERS group has all permissions allowed in your repository. To secure your repository, you need to customize your access levels. To do this, you must first remove the ALL USERS group from the top of the hierarchy.

To remove the ALL USERS group from the top of the hierarchy, you must first set up an administrator user and grant them full access. This will allow you to make changes to the access levels of other users and groups.

Once you have set up an administrator user, you can begin to carefully define the users and groups and their permissions. You can give specific users different levels of access to the repository server. This includes giving users specific access to repositories, branches, and even items, if required. For example, you might restrict read access in centralized setups where sensitive areas of the repository need to be protected in such a way that some project members can't even view them.

Additionally, you can restrict access to the main development line so that only integrators can make modifications, reducing the risk of any breaking changes. Every object in Unity Version Control has an associated Access Control List (ACL) which makes it simple to customize access and security.

Plastic Storage: NM Code-Compliant?

You may want to see also

shunpoly

Set up an administrator user and grant full access

To set up an administrator user and grant full access in PlasticSCM, you must first remove the "ALL USERS" group from the top of the hierarchy. This step is crucial to securing your repository by preventing blanket access and allowing you to customize access levels for specific users and groups.

Once you've removed the "ALL USERS" group, you can proceed to set up an administrator user. When inviting a new user, you have the option to choose whether they will be a cloud admin. If you select this option, the system automatically adds the new user to the Administrators group, granting them full access and administrative privileges.

It's important to note that the Unity Version Control system in PlasticSCM offers two default groups: Administrators and Developers. By default, new users who are not designated as cloud admins are placed into the Developers group.

To ensure a smooth and secure transition, carefully define the users and groups along with their respective permissions. Additionally, consider referring to the Plastic SCM documentation for specific security configurations and scenarios to enhance the security of your repository.

Regarding the DVCS scenario you mentioned, it's important to understand how permissions are replicated across different developers' local repositories. In PlasticSCM, the replication system supports three translation modes: Copy Mode, Name Mode, and Translation Table. These modes facilitate the translation of security identifiers between repositories, ensuring consistent enforcement of permissions across different users and repositories.

shunpoly

Change permissions to repositories in your UVCS server

To change permissions to repositories in your UVCS server, you must have the New experience banner in your Version Control navigation menu. This will allow you to assign and manage permissions for user groups.

The Unity Version Control (UVCS) security system helps secure your version control processes. It allows you to control access to repositories and restrict certain operations. You can assign different permissions to projects and users to restrict access and prevent any compromise of sensitive data.

Every object in Unity Version Control has an associated Access Control List (ACL), which makes it simple to customize access and security. You can restrict access to the main development line so that only integrators can make modifications, reducing the risk of breaking changes.

To change permissions, you can edit the user group permissions. By default, the ALL USERS group has all permissions in your repository. To secure your repository, you need to remove this blanket access and customize your access levels. Set up an administrator user and grant them full access. Then, carefully define the users and groups and their permissions.

You can also set different permissions for specific repositories. To edit repository permissions from the Edit user page, open the Repository permissions tab. From the Repository dropdown, select the repository that you want to edit the permissions for. Check the checkboxes to enable or disable permissions and select Save.

shunpoly

Change user and group permissions

PlasticSCM is a version control system that allows users to manage permissions for different repositories, branches, and items. It provides flexibility in controlling access and restricting operations to ensure data security.

To change user and group permissions in PlasticSCM, follow these steps:

  • Set Up Administrator Access: The first step is to establish an administrator account that has full access to the system. This administrator user will be responsible for managing and customising permissions for other users and groups.
  • Remove Blanket Access: By default, the "ALL USERS" group has all permissions allowed in the repository. To enhance security, remove this blanket access by removing the "ALL USERS" group from the top of the hierarchy. This step ensures that you can define granular permissions for specific users and groups.
  • Define User Groups: Carefully define user groups based on their roles and responsibilities. PlasticSCM comes with two default groups: Administrators and Developers. When inviting new users, you can assign them to the appropriate group. Additionally, you can create custom groups if needed to align with your organisation's structure.
  • Assign User Permissions: Grant specific permissions to users or user groups. You can provide different levels of access to the repository server, allowing users to access specific repositories, branches, or items as required. For example, you can restrict developers to specific branches, ensuring only authorised users can merge changes into the main branch.
  • Manage Security Restrictions: If your project requires security restrictions to prevent unauthorised access or enforce development policies, customise your permissions accordingly. You can change permissions at the top level (repository level) to secure all contained objects, or you can edit permissions for specific branches or items.
  • Monitor and Diagnose: Regularly monitor user activity and diagnose any permission-related issues. PlasticSCM provides features like error messages when users attempt operations they don't have permissions for. Additionally, the system protects against users circumventing security by renaming paths or directories.

By following these steps, you can effectively manage user and group permissions in PlasticSCM, ensuring a secure and controlled development environment.

shunpoly

Restrict access to the main development line

To restrict access to the main development line in PlasticSCM, you can follow these steps and considerations:

Firstly, it's important to set up an administrator user with full access permissions. This user will be able to manage and customize access levels for other users and groups. The default setting in PlasticSCM includes an “ALL USERS” group with all permissions allowed in the repository. To restrict access to the main development line, you should remove this group from the top of the hierarchy and carefully define specific user and group permissions.

You can create different user groups, such as "Administrators" and "Developers," and assign users accordingly. When inviting a new user, you have the option to grant them cloud admin privileges, which will add them to the Administrators group.

To restrict access to the main development line, you can utilize the Unity Version Control System (UVCS). UVCS allows you to control access to repositories and restrict certain operations. You can assign different permissions to projects and users, ensuring that only authorized integrators can make modifications to the main development line. This helps reduce the risk of any breaking changes.

Additionally, you can restrict read access to certain paths within the repository. This means that certain users will not be able to view specific parts of the repository, protecting sensitive areas. This can be configured through path-based security settings.

It's important to note that these instructions are based on the assumption that you do not have the "New experience" banner in your Version Control navigation menu, where user groups are available. If you have the "New experience" banner, the process of managing permissions may differ.

By following these steps, you can effectively restrict access to the main development line in PlasticSCM, ensuring that only authorized integrators can make modifications while protecting sensitive data.

Frequently asked questions

To grant global permissions in Plastic, you must first set up an administrator user and grant them full access. Then, you can define the users and groups and their permissions.

To set up an administrator user, you need to remove the ALL USERS group from the top of the hierarchy. This will remove blanket access to your repository.

You can define user groups and their permissions by using the Unity Cloud Dashboard. You can also assign different permissions to projects and users to restrict access to sensitive data.

You can restrict access to certain users by changing the permissions at the top level or for specific repositories, branches, and items. You can also restrict access to the main development line so only integrators can make modifications.

Written by
Reviewed by
Share this post
Print
Did this article help you?

Leave a comment