Software Configuration Management and Agile Software Development

Posts Tagged ‘compliance’

Increased Security in AccuRev 5.2

September 8th, 2011 by AccuRev

AccuRev’s security has advanced to the next level with the release of version 5.2. One of the great new features that I’m happy to introduce is Access Control Lists, or ACLs.

AccuRev’s ACLs

Have you ever wanted to fine tune your security for files or streams based on role, group or user? Now you can using our new built in security commands. Here’s how it works:

In addition to locks, each stream can have one or more permissions. This also applies to files and directories. This means that you can control who can modify/see certain streams, and who can modify/see specific elements.

Setting ACLs are easy, this can be done via the CLI:

C:\Users\clucca>accurev setacl stream phoenix_Client chris all

The ACL has been set successfully.

This will now lock me out of all the files under the phoenix_Client stream…

If I try to access that stream in the GUI, I will receive this message:
This also works for files and directories, which is great for teams that want to have secure outsourcing and security conscious development initiatives.

In addition you can use the lsacl command to list permissions. You can see that for the stream phoenix_Client chris has no rights to access it, but the permission doesn’t inherit to the rest of the streams, so I can access everything underneath it.

No comments »

Posted in AccuRev, Best Practices, Product Review, Tips and Tricks, version control

Tags: access control list compliance Security

Getting the Most out of AccuRev’s Windows Explorer Integration

March 18th, 2009 by acserpa

Share|

As organizations become more advanced in their use of software configuration managment (SCM) they typically expand its use to include more than the software developers. A common addition is around audibility and compliance of the entire development process which may require them to version more than just the source code, but also any requirements, project plans, design artifacts and documentation. This enables the labeling of the big picture of who, what, where, why and how the software was developed.

With this expansion there are now more users of the SCM tools, many of whom have never used a version control solution before. A few examples of these new user types may be hardware designers, graphic designers, product managers, or the documentation team. These types of users are working with different types of files, and work in different tools than the traditional software developers and because of that may use version control tools in different ways. These users may have historically created versions of files using naming convention such as:

ReleaseNotes_v1.doc, ReleaseNotes_v2.doc etc. all on their local computer.

Obviously this can be an error prone process and also a single point of failure if something were to happen to that user’s computer. Since many of the files they work on are binary (.doc, .pdf, .ai, .dwg, .vsd etc.) they may want to work on these files in a serial mode so they don’t have to try to manually merge them when someone else makes changes to them in parallel. So instead of the traditional use of AccuRev, taking advantage of our parallel development features, these users may want to work in exclusively locked workspaces or at least have exclusive locks on certain files to protect them.

In order to make this new type of user successful they need to use an interface that is familiar to them. With many source code control tools they may have to write scripts, manage configurations or interact with a command line interface to be able to get their work done. This type of interaction will likely not work well for these types of users, as many of them may not have the technical know how to work in those environments. AccuRev can make this transition much more fluid and familiar for these users with the AccuBridge for Windows Explorer. This interface gives the user access to the AccuRev commands needed from within the familiarity of Windows Explorer as seen in exhibit 1.