#=============================================================================
# Sample protections file
#=============================================================================

# Define the IP addresses that will be used for this entire file.  This
# assumes a class A network.
{ globalip = 10.1.[1,2,3].* }


#-----------------------------------------------------------------------------
# First, restrict anyone who doesn't have an account from creating a user.
{
type=user
ip=*
-//...
}
    list *

#-----------------------------------------------------------------------------
# All registered users can see the entire depot, except the meta-data where
# we archive the Perforce meta-data.
{
type=group
name=all     # this is a group that contains all other groups and users.
access=read
}
    //...
    -//depot/p4-meta-data/...


#-----------------------------------------------------------------------------
# The branch office can see the files, but can't write to them
{
access=read
type=group
ip=67.112.[1-128].*
//depot/...
}
    remote


#-----------------------------------------------------------------------------
# Where we keep the tracker
{}
    write group tracker //depot/tracker/...
    
#-----------------------------------------------------------------------------
# Give group owners access to only the meta-data files that they need.
{
type=group
access=write
//depot/p4-meta-data/groups/
}
    owner_dev       owner_dev.spec
    owner_dev       dev.spec
    owner_dev       dev_*.spec
    owner_branch    owner_branch.spec
    owner_branch    branch_*.spec

#-----------------------------------------------------------------------------
# Allow developers access to the main branch, sorted by sub-project access.
{
access=write
type=group
//depot/main/
}
    dev         ...
    dev_c       c/...
    dev_java    java/...
    dev_doc     docs/...
    dev_web     html/...
    dev_web     cgi-bin/...

    
#-----------------------------------------------------------------------------
# Give access to the branches to only those who need it.
{
access=write
type=group
//depot/branch-
}
    branch_1_0   1.0/...
    branch_1_2   1.2/...
    branch_2_0   2.0/...

#-----------------------------------------------------------------------------
# Finally, setup the administrators
{
access=super
//...
}
    group admins
    user margret

# Also, the administrators need access on the local Perforce machine
{
access=super
ip=127.0.0.1
//...
}
    group admins
    user margret