Last updated on December 21, 2014
HgLab has pretty sophisticated Security Model, so understanding it is key to correctly implementing HgLab in your environment.
Catalog is where HgLab stores information about Users and Groups. HgLab can support an unlimited number of Catalogs, with each being one of the following types:
HgLab comes with an Integrated Catalog already built-in that is enabled by default at installation. When you create the first System Administrator during the setup procedure, that administrator's username and other details are stored in the Integrated Catalog.
Imagine the following scenario: you have your in-house developers already authenticating against your ActiveDirectory. Now you want to grant access to your HgLab installation to a number of outside contributors. Without Catalogs this would require either adding these outsiders to an ActiveDirectory (not the best idea) or duplicating authentication information in HgLab, which is not good either. With Catalogs, you just create an additional External Contributors Catalog, and add these trusted people over there. When they're all done, just disable the Catalog and they will be denied access to your HgLab installation.
HgLab has two levels of Permissions: System-level and Project-level.
System-level Permissions include:
Project-level Permissions include:
Groups are essentially containers for Users, who can be granted System-Level Permissions by being a member of a Group.
A User is anybody who can sign in to HgLab or connect to it using Mercurial client.
Each User can be a member of any number of Groups, thus receiving a number of System-Level Permissions.
Additionally, each User can be a member of any number of Teams within a particular Project, receiving Project-Level Permissions.