Recommendations for developing a Pull model with access rights
Sean Kelley
svk.sweng at gmail.com
Wed Jan 2 16:04:10 CST 2008
Hi,

I am working on improving repository access for a project. Currently
I am using a single shell account with shared public keys. This
single shell account uses hg-ssh as its login shell and can then
handle all the hg operations for remote users whose public keys have
been shared.

The problem is that I want to now limit push access to specific
repositories for specific users. It appears to me that the shell
account using hg-ssh does not communicate the user information to the
repository. So correct me if I am wrong, but I just cannot edit the
hgrc of a particular repository and specify some user names because of
the current model. From the perspective of the repository there is
only one user, the mercurial user.

But I really liked the shared public key approach. It eliminates
having to create multiple accounts on the server. Let me show you my
use case:

30 developers
20+ repositories
One server
One hg-ssh 'mercurial' account using shared public keys

I now want to say limit push writes to only specific users for
selected repositories:

e.g.,
linux-pxa300 has limited push rights to only Seth, Jeff, and Ross
blob-pxa300 has limited push rights to only john, joe, and steve

These guys can then 'pull' those changes they want selectively.

It doesn't appear to me that the shared public key approach with
hg-ssh can allow this without having to explicitly list each and every
repository a user has rights to in the authorized_keys2 file.

An alternative is to drop the shared 'mercurial' account and create
30+ shell accounts with forced group umask changes. Then I can modify
repository access through hgrc.

Any suggestions on the best approach?

Thanks,
Sean
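
Added example (not part of the original post and not Mercurial's own code): a forced-command wrapper for the shared account that takes the user name from the per-key `command=` entry, accepts only the command shape hg-ssh accepts, and looks the user up in one push table instead of listing repositories per key. The wrapper name `hg-gate` and the variables `HG_GATE_USER` and `HG_GATE_MAY_PUSH` are hypothetical, and the table is constructed from the names in the post. Pull and push both arrive as the same `serve --stdio` command, so the push flag still has to be enforced inside the repository (for example by a hook), which is not shown here.

```python
import os
import shlex
import sys

# Constructed from the post's example: repository -> users allowed to push.
PUSHERS = {
    "linux-pxa300": {"seth", "jeff", "ross"},
    "blob-pxa300": {"john", "joe", "steve"},
}

class Denied(Exception):
    """Request refused before any hg process is started."""

def authorize(user, original_command, pushers=PUSHERS):
    """Return (repo, may_push) for a request on the shared account.

    user comes from the per-key forced command (assumed authorized_keys entry:
    command="hg-gate seth" ssh-rsa AAAA...), original_command from the
    SSH_ORIGINAL_COMMAND variable that sshd sets.
    """
    try:
        argv = shlex.split(original_command or "")
    except ValueError:
        raise Denied("unparsable command")
    # Accept only the command shape hg-ssh accepts: hg -R <repo> serve --stdio
    if len(argv) != 5 or argv[:2] != ["hg", "-R"] or argv[3:] != ["serve", "--stdio"]:
        raise Denied("only 'hg -R <repo> serve --stdio' is allowed")
    repo = argv[2]
    # Exact match against the table, so "../" paths or unlisted names never reach hg.
    if repo not in pushers:
        raise Denied("unknown repository: %r" % repo)
    return repo, user.lower() in pushers[repo]

if __name__ == "__main__":
    try:
        repo, may_push = authorize(sys.argv[1], os.environ.get("SSH_ORIGINAL_COMMAND"))
    except (Denied, IndexError) as exc:
        sys.stderr.write("access denied: %s\n" % exc)
        sys.exit(1)
    # Hypothetical variables for a repository-side push check to read.
    os.environ["HG_GATE_USER"] = sys.argv[1]
    os.environ["HG_GATE_MAY_PUSH"] = "1" if may_push else "0"
    os.execvp("hg", ["hg", "-R", repo, "serve", "--stdio"])
```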