GitCentric Group-Based ACLs

On the Git side, you define group-based ACLs and apply them to repositories, to control what kind of access group members have to GitCentric-controlled Git repos and branches. (GitCentric group-based ACLs are different than, and should not be confused with, AccuRev Element ACLs or EACLs, which control access to files on the AccuRev Server.)

GitCentric provides five system or pre-defined internal or groups:

• Administrators (internal)
• Anonymous Users (system)
• Non-interactive Users (internal)
• Repository (“Project”) Owners (system)
• Registered users (system)

You can define more groups as necessary.

GitCentric is installed with a basic set of ACLs on a special, system-defined project named “All-Projects”, from which all repos inherit their base set of ACLs. These basic ACLs are set to be highly secure, so you will need to customize them for your site before your users can use GitCentric.

The general topic of group-based ACLs is beyond the scope of this document, so you will need to learn about them from the Gerrit Code Review documentation referenced below, but at a very high level:

• Every user account is a member of one or more groups, and access and privileges are granted to those groups. You cannot grant access rights to individual users.
• Access rights are then assigned to these groups per repo (or project). Access rights granted to parent repos are inherited by child repos. Access rights defined for the All-Projects project are inherited by all other projects.

For information about creating and configuring GitCentric group ACLs from the GitCentric GUI, see Configure Access Rights (ACLs) for a Repo.