4.0 Admin Tool is a nightmare
Moderator: SourceGear
4.0 Admin Tool is a nightmare
I can't figure out how to do many of the things that were simple in the old tool.
Right now I'm very frustrated because I want to change the default rights for a group and I can't see any way to do that. I'm having to update each user manually.
If I go to Server Settings -> Groups, shouldn't I be able to set a default access for that group for all repositories? If I click Overview, it shows me all my repositories, but there's no way to set RCA access for groups.
And everything has such a ridiculously slow response.
The old (Windows-based) admin client had its quirks, but at least it worked.
You folks need some serious usability help when you're designing web-based software.
Right now I'm very frustrated because I want to change the default rights for a group and I can't see any way to do that. I'm having to update each user manually.
If I go to Server Settings -> Groups, shouldn't I be able to set a default access for that group for all repositories? If I click Overview, it shows me all my repositories, but there's no way to set RCA access for groups.
And everything has such a ridiculously slow response.
The old (Windows-based) admin client had its quirks, but at least it worked.
You folks need some serious usability help when you're designing web-based software.
Lane,
I may be confused as to what you're trying to do, but the old admin tool couldn't set default folder security for groups. There's just no way to do that in Vault. The reason we don't have that is that it would be really confusing if there were a user default and a group default. Which default should win? In every other case, the order of precedence is user default, group explicit setting, and user explicit setting.
As for the ridiculously slow response time, that does concern me quite a bit. We've reproduced a customer complaint where having many users and many repositories caused the Admin tool to perform very slowly, even when not dealing with users or repositories. We're working very hard to resolve this issue, and if you're interested, we'll let you know when we have a solution that you can try.
I may be confused as to what you're trying to do, but the old admin tool couldn't set default folder security for groups. There's just no way to do that in Vault. The reason we don't have that is that it would be really confusing if there were a user default and a group default. Which default should win? In every other case, the order of precedence is user default, group explicit setting, and user explicit setting.
As for the ridiculously slow response time, that does concern me quite a bit. We've reproduced a customer complaint where having many users and many repositories caused the Admin tool to perform very slowly, even when not dealing with users or repositories. We're working very hard to resolve this issue, and if you're interested, we'll let you know when we have a solution that you can try.
I'm not talking about folder security. I'm talking about default Read, Check In/Check Out, and Add/Rename/Delete permissions. I am unable to set these at the group level. I want to assign a user to a group and have all their permissions inherited from that group, except where I explicitly override. Otherwise, what's the point of having groups?
Slow response times: When I check a checkbox, there is a delay while some behind-the-scenes action takes place. Seems like you have auto-postback turned on for every user control.
Changing user settings one at a time takes forever if I have to do more than one or two.
Slow response times: When I check a checkbox, there is a delay while some behind-the-scenes action takes place. Seems like you have auto-postback turned on for every user control.
Changing user settings one at a time takes forever if I have to do more than one or two.
Read, Check In/Check Out, and Add/Rename/Delete permissions is what we call folder security. You should be able to set a group to have Read, Check In/Check Out, and Add/Rename/Delete permissions on a folder in a repository, and have user permissions override group permissions. In order to do this, go to the Folder Security page for the repository, click on the $ node, and add a group assignment under the Group Rights section.
Please let me know if this doesn't work for you, because it should.
Please let me know if this doesn't work for you, because it should.
No, this doesn't work, because I have not enabled folder security on most of the repositories. My understanding of folder security is that it allows different access to the folders within a repository. I'm talking about general default access to all repositories, and I don't want to set these permissions on a repository basis, because I have over 100 repositories in my database.
We have two user groups (in addition to the admin group). One of these groups had default RC permission; the other had default RCA permission. This was working fine in 3.5. When I got a new user, I assigned him/her to the appropriate group, and he/she got all the correct permissions for that group. I could also override these settings for individual users. I can't figure out how to do that in 4.0.
We have two user groups (in addition to the admin group). One of these groups had default RC permission; the other had default RCA permission. This was working fine in 3.5. When I got a new user, I assigned him/her to the appropriate group, and he/she got all the correct permissions for that group. I could also override these settings for individual users. I can't figure out how to do that in 4.0.
Here's all the levels of security that have ever been in Vault:
Repository Access:
Every repository can specify which users can see its existence. Vault 4.0 added the ability to specify Repository Access settings for a group. The possible values are:
No Access
Access
Full Admin (New to 4.0, this means the user can administer the repository through the web based admin tool)
Folder Security:
In order to use folder security, it must be enabled for the repository. Folder security lets you specify which actions a user or group can perform on a repository. In order to use Folder Security, it must be enabled on the repository. Since the root folder of the repository is just another folder, you can control the user or groups permissions to the entire repository just by applying security rights to the root folder.
If a user is explicitly given rights to a folder, then that setting overrides any group or user default rights.
If a user is a member of a group that is explicitly given rights to a folder, that overrides the user's default rights.
If a user has no explicit user or group assignments, the user's default rights are used.
In all of this discussion, the thing that I keep worrying about is why the admin tool is so painfully slow for you. I want to make sure that when we get a fix for the slowdown that you're seeing, we get it to you as soon as possible.
Repository Access:
Every repository can specify which users can see its existence. Vault 4.0 added the ability to specify Repository Access settings for a group. The possible values are:
No Access
Access
Full Admin (New to 4.0, this means the user can administer the repository through the web based admin tool)
Folder Security:
In order to use folder security, it must be enabled for the repository. Folder security lets you specify which actions a user or group can perform on a repository. In order to use Folder Security, it must be enabled on the repository. Since the root folder of the repository is just another folder, you can control the user or groups permissions to the entire repository just by applying security rights to the root folder.
If a user is explicitly given rights to a folder, then that setting overrides any group or user default rights.
If a user is a member of a group that is explicitly given rights to a folder, that overrides the user's default rights.
If a user has no explicit user or group assignments, the user's default rights are used.
In all of this discussion, the thing that I keep worrying about is why the admin tool is so painfully slow for you. I want to make sure that when we get a fix for the slowdown that you're seeing, we get it to you as soon as possible.
Please consider this, then, a request to be able to do what I thought I could do all along: specify, by group, default R, C, and A permissions.
As far as the slowness, here are some examples:
On Repository.aspx, the Save button is disabled unless I change something. I check the box to enable folder security, and I get a wait cursor for about three seconds before the Save button is enabled.
When adding a new user (User.aspx), I enter a name, email, and login. I then have to tab off the login textbox and wait for the Save button to be enabled. Or if I click on the Assign to Groups listbox, I have to wait for it to be enabled. Same thing happens if I change an existing user from Active to Inactive.
These things aren't a big deal if I'm making one change at a time, but making changes for multiple users, this causes a lot of slow-down.
As far as the slowness, here are some examples:
On Repository.aspx, the Save button is disabled unless I change something. I check the box to enable folder security, and I get a wait cursor for about three seconds before the Save button is enabled.
When adding a new user (User.aspx), I enter a name, email, and login. I then have to tab off the login textbox and wait for the Save button to be enabled. Or if I click on the Assign to Groups listbox, I have to wait for it to be enabled. Same thing happens if I change an existing user from Active to Inactive.
These things aren't a big deal if I'm making one change at a time, but making changes for multiple users, this causes a lot of slow-down.
I would suggest that a user's default rights should always be inherited from his/her group membership. Without group membership, a user should only have those rights that are explicitly defined.
My addition is in bold below:
If a user is explicitly given rights to a folder, then that setting overrides any group or user default rights.
If a user is a member of a group that is explicitly given rights to a folder, that overrides the user's default rights.
If a user has no explicit user rights, and the user is a member of a group that has no explicit rights, the group's default rights are used.
If a user has no explicit user or group assignments, the user's default rights are used.
To put it another way, this is what I want to be able to do:
Create a group that has RCA permission on all repositories, regardless of whether folder security is turned on.
Create another group that has RC permission (but no A) on all repositories, regardless of whether folder security is turned on.
Create a third group with only R permissions.
Assign users to one of those groups so I can easily determine who can do what.
Then be able to override these settings for individual users by explicitly allowing (or disallowing) permissions on a given repository. Again, this should be available regardless of whether folder security is turned on.
I don't see any way to turn on folder security for all repositories.[/list]
My addition is in bold below:
If a user is explicitly given rights to a folder, then that setting overrides any group or user default rights.
If a user is a member of a group that is explicitly given rights to a folder, that overrides the user's default rights.
If a user has no explicit user rights, and the user is a member of a group that has no explicit rights, the group's default rights are used.
If a user has no explicit user or group assignments, the user's default rights are used.
To put it another way, this is what I want to be able to do:
Create a group that has RCA permission on all repositories, regardless of whether folder security is turned on.
Create another group that has RC permission (but no A) on all repositories, regardless of whether folder security is turned on.
Create a third group with only R permissions.
Assign users to one of those groups so I can easily determine who can do what.
Then be able to override these settings for individual users by explicitly allowing (or disallowing) permissions on a given repository. Again, this should be available regardless of whether folder security is turned on.
I don't see any way to turn on folder security for all repositories.[/list]