I've set up Mercurial via Apache (hgwebdir.cgi). I would like to have the same functionality as when using Subversion and AuthzSVNAccessFile, in which I can restrict which user has read or write permissions for every single repository. The acl extension only controls how changes are brought to the repository, as does the allow_push directive. Any thoughts?
Add a comment |
2 Answers
There is an allow_read directive that can be added to a repository hgrc that works the same way as allow_push. If specified, and the user accessing the hgwebdir CGI script is not in the list, the project doesn't even show up at the index page.
- Thanks a lot! The allow_read directive does not appear in the hgbook, nor in the wiki at selenic.com when it describes hgrc.mgv– mgv2009-06-30 15:08:45 +00:00Commented Jun 30, 2009 at 15:08
They're served up via apache or lighttpd, right? So you could maybe hide them behind normal webby ACL things? (basic auth, etc)
Note that, as with git, as a consequence of they way they work, you're never going to be able to have control at any finer granularity than the repository level. You can grant whole-repo access or not, but never just 'you can read this one file in the repo' access.
