| 配置管理策略 | 命令 |
| 禁止普通用户创建标签(实例) | cleartool mktrtype -element -all -preop mklabel -exec "ccperl -e \"exit 1\"" NO_MKLABEL |
| 禁止普通用户删除标签(实例) | cleartool mktrtype -element -all -preop rmlabel -exec "ccperl -e \"exit 1\"" NO_RMLABEL |
| 禁止普通用户创建Metadata类型 | cleartool mktrtype -element -all -preop mktype -exec "ccperl -e \"exit 1\"" NO_MKTYPE |
| 禁止普通用户删除元素 | cleartool mktrtype -element -all -preop rmelem -exec "ccperl -e \"exit 1\"" NO_RMELEM |
| 禁止普通用户删除文件名 | cleartool mktrtype -element -all -preop rmname -exec "ccperl -e \"exit 1\"" NO_RMNAME |
| 禁止普通用户删除分支(实例) | cleartool mktrtype -element -all -preop rmbranch -exec "ccperl -e \"exit 1\"" NO_RMBRANCH |
| 禁止普通用户删除版本 | cleartool mktrtype -element -all -preop rmver -exec "ccperl -e \"exit 1\"" NO_RMVER |
| 普通用户只允许修改属于自已的分支 | cleartool lock brtype:<user_branch> |
| 禁止普通用户修改主分支 | cleartool lock brtype:main |
| 禁止/允许普通用户修改集成分支 | cleartool lock brtype:<integration_branch> |
| cleartool unlock brtype:<integration_branch> |
| 禁止普通用户创建新元素 | cleartool mktrtype -element -all -preop mkelem -exec "ccperl -e \"exit 1\"" NO_MKELEM |
| 禁止普通用户创建新目录 | cleartool mktrtype -element -all -preop mkelem -exec "ccperl -e \"($ENV{CLEARCASE_ELTYPE} eq \"directory\") ? exit 1 : exit 0\"" NO_MKDIR |
| 禁止普通用户删除新目录 | cleartool mktrtype -element -all -preop rmelem -exec "ccperl -e \"($ENV{CLEARCASE_ELTYPE} eq \"directory\") ? exit 1 : exit 0\"" NO_MKDIR |
| 禁止在目录上创建分支 | 1) Disable “mkbranch -element -dir” |
| 2) Apply Config Spec rules only to “element –file” |
| 禁止普通用户删除(rmname)目录 | Same as below |
| 只有owner才能够删除(rmname)文件名 | no_rmname_excapt_owner.pl |
| 创建element时自动删除other的访问权限 | cleartool mktrtype -element -all -postop mkelem -exec "cleartool protect -chmod o-rwx %CLEARCASE_PN%" OTHER_NO_PERM |
| 禁止unreserved checkout | cleartool mktrtype -element -all -preop mkelem -exec "ccperl -e \"exit ($ENV{CLEARCASE_RESERVED} - 1)\"" NO_RESERVED_CHECKOUT |
| 配置管理策略UCM | 命令 |
| 禁止普通用户创建Activity | cleartool mktrtype -ucmobject -all -preop mkactivity -exec "ccperl -e \"exit 1\"" NO_MKACTIVITY |
| 禁止普通用户Deliver到Alternative Target | mktrtype -ucmobject -all -preop deliver_start ???? |
| 禁止普通用户创建基线 | cleartool mktrtype –ucmobject
-all
-preop mkbl –nusers ccadm
-exec "ccperl -e \"exit 1\"" NO_MKBL |
| 禁止普通用户删除基线 | cleartool mktrtype -ucmobject
-all -preop rmbl –nusers ccadm
-exec "ccperl -e \"exit 1\"" NO_RMBL |
| 禁止普通用户创建Project | cleartool mktrtype -ucmobject -all -preop mkproject –nusers ccadm
-exec "ccperl -e \"exit 1\"" NO_MKPROJECT |
| 禁止普通用户删除Project | cleartool mktrtype
-ucmobject -all -preop rmproject –nusers ccadm
-exec "ccperl -e \"exit 1\"" NO_RMPROJECT |
| 禁止普通用户创建Activity | cleartool mktrtype -ucmobject -all -preop mkactivity –nusers ccadm -exec "ccperl -e \"exit 1\"" NO_MKACTIVITY |
no_rmname_excapt_owner.pl 的内容如下:
#!%ATRIA_HOME%\bin\ccperl
#
# Create this trigger type
# 1. copy this script file into directory on your ClearCase server "CCSVR"
# copy no_rmname_except_owner.pl [url=file://\\CCSVR\script\]\\CCSVR\script\[/url]
# 2. create the trigger type in each vob
# cleartool mktrtype -element -all -replace -preop rmname -exec "ccperl [url=file://\\CCSVR\script\no_rmname_except_owner.pl]\\CCSVR\script\no_rmname_except_owner.pl[/url]" NO_RMNAME_EXCEPT_OWNER
#
# Delete this trigger type
# 1. cleartool rmtype trtype:NO_RMNAME_EXCEPT_OWNER
#
my $owner, $eltype;
open SHOW_OWNER, "cleartool describe -fmt \"%[owner]p\\n%[type]p\" $ENV{CLEARCASE_PN} |";
$owner=<SHOW_OWNER>;
$eltype=<SHOW_OWNER>;
close SHOW_OWNER;
if ($eltype eq "directory") {
system "clearprompt proceed -prompt \"Directory cannot be deleted by normal user!\"";
exit 1;
};
if ($owner ne $ENV{CLEARCASE_USER}."\n") {
system "clearprompt proceed -prompt \"$ENV{CLEARCASE_USER} is not the owner of this element!\"";
exit 1;
};
exit 0;
[
本帖最后由 hasjing 于 2008-4-29 18:04 编辑 ]
