Open topic with navigation

Controlling Security and User Access

Surround SCM includes extensive security options that can be configured to provide as much or as little security as needed. Most organizations only need to configure group, or server-level, security. You can also set repository and branch security.

Group users by role or function before you start configuring security and adding security groups. It may be helpful to create a list of the types of users who access Surround SCM. Also consider your company’s process and define roles and permissions accordingly. A strong security model allows you to be flexible in assigning access without risking data integrity. The following questions can help you get started:

• What types of users need access to Surround SCM? For example, project leads, programmers, and testers.
• What activities can users in the group perform? For example, access to promote and rebase files.
• Which repositories can the users in the group access? For example, restrict teams to specific repositories.
• How does the build process work? For example, apply read-only branch security after a software release.

Note: A project team might include one or more of the following: An administrator with access to all commands. A project lead who has access to most commands but is restricted from such things as creating mainline branches, adding users, or editing server options. One or more developers with access to most file and branch commands but are restricted from most admin, user, and group commands. One or more testers who only have access to basic commands, such as getting and viewing files. A customer who is restricted to viewing one repository.

See also