Security guide
Important: We are in the process of updating the Version Control experience. If you have the New experience banner in your Version Control navigation menu, refer to the alternate version of this page.
The Unity Version Control (UVCS) security system can help you secure your version control processes. Unity Version Control focuses on the following:
- Allows you to control access to repositories and restrict certain operations.
  - You can assign different permissions to projects, users, and groups to efficiently restrict access and prevent any compromise of sensitive data.
- Allows you to enforce policies and best practices for development and deployment.
  - You can restrict access to the main development line so only integrators can make modifications to reduce the risk of any breaking changes.
In Unity Version Control, every object has an associated Access Control List (ACL) which makes it simple to customize access and security.
Note: This page focuses on permissions in the UVCS desktop application. To manage user and group security permissions through the Unity Cloud Dashboard, refer to Manage users.
For instructions on how to configure your security permissions for specific scenarios, refer to Security scenarios.
Permissions
If your version control environment requires security restrictions to prevent unwanted access or to enforce certain development policies, there are two main ways to customize your permissions:
- Change permissions to the repositories in your UVCS server.
  - If you change the permissions at the top level, you ensure that all the contained objects are secure.
  - You can also edit the permissions for specific repositories, branches, and even items.
- Change user and group permissions.
  - You can give specific users and groups different levels of access to the repository server.
  - You can give users and groups specific access to repositories, branches, and even items, if required.
If users try to use an operation that they don’t have permissions for, UVCS displays an error message to notify them. The error message names the missing permission that prevents them from performing the action.
Permissions security
A secured path can prevent users or groups from performing operations, such as read or write, on the path. To circumvent the security permissions, a user might edit the path name or the name of the parent directory. UVCS protects against this as it detects that the existing user permissions are different between the source and destination paths and doesn’t allow the user to rename. Instead, the user receives an error message.
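The rename check described above can be sketched as follows. This is an added illustration, not UVCS code: the rule layout, the function names, and the sample paths are assumptions, and it models only the comparison of effective permissions at the source and destination paths.

```python
from dataclasses import dataclass

# Constructed path rules for illustration: (path prefix, group, denied operations).
# The layout is hypothetical and is not the UVCS rule format.
@dataclass(frozen=True)
class PathRule:
    prefix: str
    group: str
    denied: frozenset

RULES = [
    PathRule("/", "Developers", frozenset()),
    PathRule("/src/secret", "Developers", frozenset({"read", "write"})),
]

def _covers(prefix: str, path: str) -> bool:
    """True when the rule prefix is the path itself or one of its parents."""
    prefix = prefix.rstrip("/")
    return path == prefix or path.startswith(prefix + "/")

def denied_ops(path: str, groups: set, rules=RULES) -> frozenset:
    """Denied operations from the most specific rule that covers the path."""
    best = None
    for rule in rules:
        if rule.group in groups and _covers(rule.prefix, path):
            if best is None or len(rule.prefix) > len(best.prefix):
                best = rule
    return best.denied if best else frozenset()

def can_rename(src: str, dst: str, groups: set, rules=RULES) -> bool:
    """Refuse a rename whose source and destination resolve to different permissions."""
    return denied_ops(src, groups, rules) == denied_ops(dst, groups, rules)

if __name__ == "__main__":
    devs = {"Developers"}
    # Moving a file out of the secured path changes its effective permissions.
    print(can_rename("/src/secret/keys.txt", "/src/public/keys.txt", devs))
    # Renaming the secured parent directory itself is caught the same way.
    print(can_rename("/src/secret", "/src/open", devs))
    # A rename inside an unsecured area is unaffected.
    print(can_rename("/src/app/a.c", "/src/app/b.c", devs))
```

Matching on whole path segments matters here: a sibling such as `/src/secretive` must not inherit the rule for `/src/secret`.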
Users and groups
Unity Version Control comes with two default groups: Administrators and Developers. When you invite a new user, you can choose if it will be a cloud admin. In this case, the system adds the user to the Administrators group. The system adds everyone else to the Developers group.
For information on how to create groups and add users to groups through the Unity Cloud Dashboard, refer to Manage users.
Read-access restriction
You can restrict read access to certain paths so that some users can’t view parts of your repository. For example, you might restrict read access in centralized setups where sensitive areas of the repository need to be protected in such a way that some project members can't even view them.
For the desktop application, you need to configure the path-based security to protect read access before using the repository for the first time. Otherwise, the read permissions don't apply until users run update operations (without local changes) to propagate the new read permission rules to their workspaces.
Read-access functionality
- Users without read permissions can’t update and download secured paths.
- If a user has read permissions for an item or path, they can view all of the revisions from the History views.
- You can safely revoke read permission from the root item of a repository and any attempt to update or view the repository results in an empty items tree.
- An update-merge occurs when a user has checkouts on a branch and updates to the latest version, and UVCS moves those checkouts to the latest version. If the user loses read access to the path, the update-merge fails and they receive an error message.
Incomplete changesets
If you restrict read access to certain paths, it can cause some incomplete changesets. The incomplete changesets are important if you work in distributed scenarios.
In distributed version control scenarios you can reject operations when the path permissions of a revision can’t be checked because a changeset wasn’t replicated. To reject these operations, enable the following setting inside the server.conf file:
<SecuredPaths>true</SecuredPaths>
Edit permissions
To configure the permissions on your UVCS server, you need an existing repository. This means you can right-click the repository to open one of the following configuration windows:
Configuration option | Description |
---|---|
Path permissions | Edit permissions for a specific path. You can also configure the branches the permissions apply to. |
Permissions | Edit user and group permissions for the repository. |
Repository server permissions | Edit user and group permissions for the UVCS server that contains the repository. |
By default, the ALL USERS group has all permissions allowed in your repository. To secure your repository, you need to remove this blanket access and customize your access levels.
To set up your UVCS permissions:
- Set up an administrator user and grant it full access.
- Remove the ALL USERS group from the top of the hierarchy.
- Carefully define the users and groups and their permissions.
For specific security configurations, refer to Security scenarios.