Restricting users from seeing a repository
search cancel

Restricting users from seeing a repository

book

Article ID: 77516

calendar_today

Updated On: 07-01-2025

Products

CA Harvest Software Change Manager - OpenMake Meister CA Harvest Software Change Manager

Issue/Introduction

We have a user group that should only be allowed to see one of the repositories attached to their project. We tried to remove the group from the "View Access" list for all other repositories but they can still see them all. How do we accomplish this?

Environment

CA Harvest SCM all versions and platforms

Resolution

When you right click on the repository name in Administrator Tool, and go to the Properties window and the Access tab,

the permissions you are altering are those for the repository “object”, not the files and folders within the repository. So this would control things like who would be able to see the existence of this repository in the Administrator Tool, who could change the name of the repository or the description, or how file extensions are handled. 



When you right click on a folder or file within the repository, and go to the Properties Window and the Access tab, you are controlling permissions to see and update that folder and all its contents. 



To accomplish the goal of preventing users from "seeing" the files in a specific repository, the Folder properties access list is the correct one to update.

In Administrator Tool, on the Repositories tab, right click on each root-level folder and file in the repository and select Properties, then remove the “Public” user group and add the user groups who should be allowed to see this folder or file: 

Any change in permissions you make for a folder will cascade down to all the folders and files inside it. So you only need to do this for the top-level folders. You will also need to do this for any files that have been checked in at the root level of the repository. 

The one catch with this is that you cannot set this type of access permission for the repository as a top-level folder. So there are 2 consequences to that: 

  • All users will be able to see the repository folder, but not the contents inside the folder unless they have been granted permission. 
  • Any user with permission to check things in would be able to check in new files and folders to the repository where permission has been restricted. The new files or folders will come in with “Public” access permission. This can be reset after check in completes from the Administrator Tool. 

Additional Information

More details on access levels and what they control can be found here: Control Object Access