Foreword
Nowadays, with the growing scale of software projects and the continuous intensification of project complexity, the importance of software configuration management (SCM) has become more and more recognized. Many excellent software configuration management tools also have to be born, making us easily manage our software projects, as one of this, Microsoft Visual SourceSafe is easy to use, easy to efficient, and Windows operating system and Microsoft development tools. High integration and other advantages. Today, let's talk about the rights management in VSS.
First of all, I will explain the principle of implementation of the VSS mid-level mechanism, which is designed to VSS's default security access mechanism, project security and other content, then I will tell the specific method of implementing the permissions mechanism, and finally I will combine a software transfer project. Let's talk about how permission management is applied to the actual project process.
First, VSS default security access control
After you install VSS every time you install VSS, the system automatically activates the default security access control mechanism. This mechanism is very simple, it includes two levels of permissions:
1) Read-only privilege: Users can view all objects in the VSS database, but cannot be modified
2) Read and write permissions: Users can view and modify any objects in the VSS database
Every time you add new users, you can decide the user's permissions level. In the "Add User" dialog box, you can confirm the user's permissions by it.
We have said that this is just an extremely simple, coarseline solution, but it is also the simplest. In the actual process, you may need more detailed permission assignments, and even you want each file to set different permissions for different users. Then we have to personally set up the security mechanism of our project.
Note: All security settings in SourceSafe are made in Visual SourceSafe Administrator, so before you go deep into the details: You must confirm one thing: your admin password is secure, except for you, don't want anyone else. Visual SourceSafe Administrator. Otherwise, all safety considerations are futile.
Second, project security and user access
Let's take a look at the basic composition framework of the VSS before explaining project security, and VSS contains multiple databases, each database contains many projects, and may nest in different sub-projects, and finally you Source file. You can compare this class to disk partitions, directory, subdirectory, files in the operating system, each machine containing a lot of disk partitions, contains countless directories, subdirectories in each partition, is your file in subdirectory . The user in the VSS is based on the VSS database, that is, each database contains its own user list. User Access Permissions What projects can be accessed (including viewing, modifying, and executing commands) database, which can only be accessed by those already authorized users, which is the so-called project security.
Unfortunately, VSS only provides user permission control to the project (corresponding to the directory), and does not set different user access (such as Rational ClearCase, etc.) for each file. Although you can use some kind of way to do this, such as increasing sub-projects, but then destroying the normative, readability, and rationality of the entire project structure, even have some subprojects without any meaning.
VSS defines four-level user access, the level is low to high, the latter includes all the prior to permissions, such as the Check Out permission automatically has read permissions.
1) Read-only (R): Allow to view files, corresponding to view, get, etc.
2) Check Out (c): You can use Check Out, Check IN, undo check out, modify the file content 3) file, add, delete, rename files or give files, or give files or give files, corresponding to files. The order has add, delete, label, rename, etc.
4) Destruction (D): This level of authority corresponds to those who have great destructive operations (that is, those who are unkinding to being fried), keep your name: Destroy, Purge, Rollback. So some people can call it as suicide privileges.
In fact, you can find that the two level permissions in the default security mechanism are related to these four, but the latter is divided into three different levels. Ok, we can start setting up different users after each level of permissions.
You must activate the project security mechanism before setting up user permissions. Open the Tools menu of the VSS Administrator, click Options to get the SourceSafe Options dialog, select Project Security and check the Enable Project Security check box. (As shown below)
Figure one activation project security mechanism
There are three ways to set users' project access: setting permissions for each user for project settings, copy user permissions for user settings, which correspond to Assign Rights by Project under Tools menu, Rights Assignments for User, Copy User Rights. We take a brief description with method one as an example. As shown in the figure below, select the item in the left box, select the user in the upper right box, and the user's current permissions are displayed, and the different check boxes are selected to set your own permissions. Note: Automatically reflects all sub-projects for each item.
Figure 2 User authorization
Third, the application management in the actual project
In this section, I mainly combine the actual application of authority management as a configuration administrator during the actual project process, and the factors that need to be considered during the application.
The project we have to contact is a software handover project, and the members of this project team are allocated as follows:
Project Manager: 1 person, responsible for coordinating the entire project business analyst, 1 person, responsible for the overall system architect: 1 person, responsible for system architecture of the entire system Package Owner: 3 people, responsible for the front end, intermediate layer and Backstage database three partial modules person in charge: 3-5 people are responsible for individual module database administrators (DBA): 1 person, responsible for system database TEST / QA: 1 person, responsible for testing and quality assurance of the entire software TECHNICAL WRITER: 1 People, responsible for the Writing Change Control Committee (CCB) of the relevant technical documentation: 3 people, responsible for the change review and implementation of the project needs, including software configuration administrators, external project managers
Most of the practical process will have a person crossing. For example, there are only 9 actual number of projects, and the project manager is also one of the CCBs, and the Package Owner also partially serves person in charge. According to the actual composition of our project, I gave the item structure as shown below in VSS:
Figure three VSS project structure
Illustration Description: 1. The project is mainly stored in the Exec project to execute file or software installation file. Since the project is more complicated, the establishment of a process is time-consuming and complicated, so it is stored directly in the VSS. The general project is not recommended to use this.
2, just shown the main part of the entire project structure, omitted the details, such as the Client project contains many small items.
Next, you need to set different user access to each item and subject. Since all software major changes need to be handed over, we can execute the CCB auditing signature, so we use the D (6) level of the entire project to the CCB member. The project manager is mainly responsible for the grasp of the overall progress of the project and works with the external project group, and other departments, so it has R permission to the entire project and has a DEVELOPMENT Document A permission. There are two privileges that configure administrators, one is A permission to have the entire project, and another may have only some project A permissions, depending on how much actual permissions given to the configuration administrator. In this kind of push, the person in charge of each module has a respective module. In addition, due to the particularity of the transfer project, it is generally mainly based on training in the project, rarely involves software modification, so it is recommended that the project start phase does not give development engineer user C permissions to avoid unnecessary errors and debates.
to sum up
This paper discusses the specific mechanisms of the permission management implementation of VSS, and the combination example is explained in the actual process. Although the transfer project has its own specialty, I believe that the basic idea of its security management is in communication with any project, I hope this article can give you a certain revelation and reference.
reference
1) This article will have a large number of "project" words, and sometimes it refers to the actual software project, sometimes it refers to the project, sub-project in the VSS database, please pay attention to distinguish.
2) For more details on software configuration management, you can refer to this website. Software configuration management mainly includes version management, change management, permission management, etc., this paper mainly involves authority management.
3) Software version uses Microsoft Visual SourceSafe 6.0 English, other versions, please perform the corresponding control.
4) Details of all of these commands can be referred to VSS help.
5) Project background roughly introduction: The software that is handed over is a foreign company software, which is a three-layer application of Microsoft DNA architecture, and the code amount is about 1500,000. The goal of handover: Master the existing system, fully understand the relevant business logic, to make full preparation for the software that meets its own Chinese national conditions. This may involve the rearrangement of the demand, the restructuring of the system, and migration to the Java platform.
6) We use R, C, A, and D to represent the four level permissions in VSS, Check Out, Add, Destroy.
