TFS Branch Permissions

Question

We have the following code structure:

$  
|-Core  
| |- Project1  
|    |-CoreFile.cs
| |- Project2  
| |- ...  
|  
|-NewProject  
  |- Project1  
|    |-CoreFile.cs    
|    |-NewFile.cs  
  |- Project2  
  |- ...

We have branched core into Project as a starting point and are adding files into NewProject solution's projects.
What we need to do now is set permissions on the Core code so that we can lock it down and stop people making changes to it. We are finding this difficult as TFS does not handle this situation very well.

Has anyone any suggestions as to best achieve this?

Answer 1

As an alternative, you can have one account lock the files for checkout and checkin and just hold the lock. Right-click, lock on the NewProject folder.

Answer 2

TFS does handle this and I am currently utilizing it in a scenario similar to yours. There is a permission called 'Check In' that you can set it 'Allow' or 'Deny' at user or group level. To be able to do this,

1. go to the folder in the source control explorer that you want to prevent changes to and right-click on it.
2. select 'Properties'
3. go to 'Security' tab
4. select a user or a group from 'Users and Groups' list ({Project Name}\Contributors in my case)
5. Set 'Check In' permission to 'Deny'
6. Click OK

Note that in order to be able to change permissions, I believe you need to be an admin on server or project level. Also note that I am using TFS 2005.