Started illustrate_branch_deny.sh.txt v1.0.1 at Fri Jan 27 14:10:43 EST 2017. ReproDir=/tmp/illustrate_branch_deny ============================================================================== Scenario: Branch Deny Preliminary info: Show versions of p4/p4d on the PATH: Executing command: p4 -V Perforce - The Fast Software Configuration Management System. Copyright 1995-2016 Perforce Software. All rights reserved. This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/) See 'p4 help legal' for full OpenSSL license information Version of OpenSSL Libraries: OpenSSL 1.0.2j 26 Sep 2016 Rev. P4/DARWIN90X86_64/2016.2/1457671 (2016/10/26). Executing command: p4d -V Perforce - The Fast Software Configuration Management System. Copyright 1995-2016 Perforce Software. All rights reserved. This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/) See 'p4 help legal' for full OpenSSL license information Version of OpenSSL Libraries: OpenSSL 1.0.2j 26 Sep 2016 This product includes software developed by the OpenLDAP Foundation (http://www.openldap.org/) This product includes software developed by Computing Services at Carnegie Mellon University: Cyrus SASL (http://www.cmu.edu/computing/) See 'p4 help legal' for full Cyrus SASL and OpenLDAP license information Version of OpenLDAP Libraries: 2.4.44 Version of Cyrus SASL Libraries: 2.1.26 Rev. P4D/DARWIN90X86_64/2016.2/1457671 (2016/10/26). License: none Preliminary setup: Spin up a local repo. Executing command: p4 init -C0 -n Server ttyler-dvcs-1485544243 saved. Showing initial protections. Update: 2017/01/27 14:10:43 Protections: super user ttyler unknown //... super user ttyler 127.0.0.1 //... Add some files. Executing command: mkdir Public Private Executing command: p4 status Private/Two.h - reconcile to add //stream/main/Private/Two.h#1 Public/One.h - reconcile to add //stream/main/Public/One.h#1 Reconcile and submit. //stream/main/Private/Two.h#1 - opened for add //stream/main/Public/One.h#1 - opened for add Submitting change 1. Locking 2 files ... add //stream/main/Private/Two.h#1 add //stream/main/Public/One.h#1 Change 1 submitted. == Release r1 (Before implementing branch deny) == Stream //stream/r1 saved. Executing command: p4 populate -f -o -r -S //stream/r1 branch //stream/r1/Private/Two.h#1 branch //stream/r1/Public/One.h#1 2 files branched (change 2). Yikes: Both Public and Private are branched. Not what we want! So let's fix it. == Update protections: Add Branch Deny for Private/... == Protections saved. Showing updated protections. Update: 2017/01/27 14:10:43 Protections: super user ttyler unknown //... super user ttyler 127.0.0.1 //... =branch user * * -//stream/main/Private/....h == Release r2 == Stream //stream/r2 saved. Executing command: p4 populate -f -o -r -S //stream/r2 branch //stream/r2/Public/One.h#1 1 files branched (change 3). There we go! See that now the Private stuff did not branch. Summary: Use something like this snippet in the Protections table: write user * * //path/to/allow/write/but/deny/branching/... =branch user * * -//path/to/allow/write/but/deny/branching/... The '=branch' with the exclusion must appear below the entry granting write access to the given path.