Security rights in Vault allow administrators to control three aspects of user interaction with Vault. Repository Access and Project Access enable Administrators to restrict which users can see or modify a repository or project. Folder Security is an additional level of security for repositories that enables Administrators to restrict user capabilities on a folder in the repository.
In addition, all security settings that can be applied to a user can also be applied to a group, which is a collection of users.
When a new user is added, the user will use the default access rule for each repository and project in the Vault server.
Folder Security can be turned off entirely for a repository to increase performance since checks to the database do not need to be made. This is the default setting for newly created repositories.
Security rights can be set in one the following ways:
• Repository-Level Access
Repository-Level access enables Administrators to control which users can see this repository, and to assign some users to be Repository Admin.
• Project-Level Access
Project-Level access enables Administrators to control which users can see this repository, and to assign some users to be Project Admin.
• Folder Security
Setting the Folder Security rights gives administrators control over what operations can be performed by a user in to a specific folder in the source control repository. For more information, please see the Source Control Repositories -> Individual Repository Name -> Folder Security link.
Viewing Current Security Assignments
There are several ways to view the current security assignments:
• Assignments for User
You may select a particular user to view their current rights to repositories, projects and folder security. For more information, please see the Server Settings ->Users page in the Admin Tool.
• Assignments for Groups
You may select a particular group to view their current rights to repositories, projects and folder security. For more information, please see Group Rights and the Server Settings -> Groups page in the Admin Tool.
• Copy User Rights
It is possible to copy one users rights to apply to another user. For more information, please see Reference ->Copy Rights Assignments.