Reviewboard管理员指南（5.2）—— Access Control（重要）

Access Control

New in version 1.6.

Review Board can limit who can view certain review requests, access repositories, and join groups. This can be useful in large organizations or companies where not everyone has access to every project.

Invite-only Review Groups

Review Groups can be made to be invite-only. An invite-only group cannot be joined directly. It requires a Review Board administrator to add users.

If a review request lists an invite-only group as a reviewer, and doesn’t list any public groups, then it’ll be inaccessible to anyone not on the invite-only groups, unless they’re listed explicitly on the reviewer lists.

To set a group to be invite-only, toggle the Invite only setting and then add the users who need access to the group.

重要特性：

将Review Group设置成“invite-only”之后，将只有管理员才能将普通用户加入这个Review Group。

如果一个Review请求仅邀请了invite-only group，且没有邀请任何public group的话，那么这个review请求将对invite-only group外的其他人不可见。如下图：

Hidden Review Groups

Groups can be marked invisible. This can work in conjunction with invite-only groups, and can also be used for groups that are no longer in operation.

Marking a group as invisible doesn’t change who can use it or how it affects access, but it does hide it from all lists of groups.

重要特性：

当一个group不再使用时，可以标志位“invisible”。这样标志后，不会影响相关人员的使用，仅仅是从groups列表中消失。

Private Repositories

Repositories can be made to be accessible only to certain users or review groups, keeping everyone else out. Inaccessible repositories completely prevent access not only to the files contained within the repository, but to all review requests on that repository.

A review request on a private repository can only be viewed by users who are specifically on the reviewer list, who are on the repository’s user access list, or who are on a group that’s on the repository’s group access list.

To make a repository private, toggle the Publicly accessible checkbox off. You will need to add one or more users or invite-only groups to the access control lists in order for anyone to have access.

重要特性：

代码仓库也可以进行权限控制，“Publicly accessible” Check Box不选中后，可以针对“用户”、“Review Group”配置权限。

Review Request Access Summary

To summarize, a user has access to a review request only if all the following conditions are met:

• The review request is public, or the user can modify it (either by being the submitter or having special administrative permissions).
• The repository is public or the user has access to to it (either by being explicitly on the user access list, or by being a member of a group on that list).
• The user is listed as a requested reviewer on the review request, or the user has access to one or more groups listed as requested reviewers (either by being a member of an invite-only group, or by the group being public).

重要特性：

只有满足如上三个条件，用户才有权限访问review request。