protect -- Modify protections in the server namespace
p4 protect
p4 protect -o
p4 protect -i
'p4 protect' edits the protections table using an ASCII form.
Once protections are in place, only a user with superuser access
may use the 'p4 protect' command.
Each line contains a protection mode, a group/user indicator, the
group/user name, client host id and a depot file path pattern.
A user gets the highest privilege granted on any line.
Note: remote depot accesses are made using the pseudo-user 'remote';
access by other servers can be controlled by granting appropriate
permissions to the 'remote' user.
Mode: The permission being granted. Each permission includes
all the permissions above it, except for 'review'.
list - users can see names but not contents of files;
users can see all non-file related metadata
(clients, users, changelists, jobs, etc.)
read - users can sync, diff, and print files
open - users can add, edit, delete, and integrate files
write - users can submit open files
super - allows access to the 'p4 protect' command
review - allows access to the p4 review command;
implies read access
Group/User indicator: either 'group' or 'user'.
Name: A Perforce group or user name; may be wildcarded.
Host: The IP address of a client host; may be wildcarded.
Path: The part of the depot being granted access.
The -o flag causes the protection table to be written
to the standard output. The user's editor is not invoked.
The -i flag causes the protection table to be read from the
standard input. The user's editor is not invoked.
Example
Protections:
read group all.G * //...
write group all.G * //depot/...
read group all.G * //depot/maincore/...
read group all.G * //depot/mainlib/...
read group all.G * //depot/mainweb/...
read group all.G * //depot/mainbatch/...
write group all.G * -//depot/qa*/...
write group qa.G * //depot/qa*/...
write group analysis_write.G * //analysis/...
write group all.G * -//depot/admin/...
super group superuser.G * //...
super user jcarreira * //...