Is there a way to deactivate a project in TFS? (not delete, just deactivate so nobody can checkout or checkin)
This is more of a precaution rather than a hard enforcement. We have a project that was branched but was recently merged to a trunk. This project is no longer in use and I don't want anyone to accidentally use it by checking in/out any of its content. It will eventually be deleted when we have tested the merge completely
In Team Explorer, right click on the project and bring up Team Project Settings -> Group Membership. Go through each group, click Properties, and remove all users and groups from each group. This should prevent anyone who doesn't have a TFS administrator role from being able to check the code out. It may even prevent TFS administrators from being able to check it out without first adding themselves back to the correct project group.
I think this will work, but you should try it as I've never actually done it.
If you still want the project to be available, somebody could just put a lock on the project to prevent check-ins and check-outs. It will remained locked by the user who locks it until either the user unlocks it or their workspace is deleted. An admin can also unlock it using tf.exe.
You can lock a project, branch, folder, or file by right clicking on it and selecting the Lock option from the context menu (note: what you are locking has to exist physically on your drive). This page describes the various types of locks you can place on an item.
For work, I wrote a plug-in to automatically place a check-out lock on production branches once certain criteria are met. The lock is held by the account running the TFS services (in our case, Network Service). Nobody can check-out or check-in files in these branches until somebody uses tf.exe to unlock the branch.
Related
I work both from the office and at home, using separate computers. Currently, to be able to continue coding from home, I need to check in all my code before leaving the office. Is there any way of making my workspace work completely online, so that I can continue my work from home without checking-in anything when I'm leaving the office?
I'm currently trying a trick; mapping my workspace on a shared folder (network drive) which I can also access from home via VPN too. But it's taking too long to even download the latest version of the project. Even if this works, I don't think it will be an efficient way because of network speed limitations.
Is there any solution for multiple computers, one user and one workspace?
Assuming that you are using TFVC rather than Git for source control in TFS, then you can shelve your changes rather than checking them in.
Got to the Pending changes area of Team Explorer and click on the shelve drop down.
You now have a couple of options. You must add a name then you can select
preserve pending change locally. This allows you to keep your
changes in the machine you're currently working on.
Evaluate policies and notes. This is only necessary of you have check in
policies set up and it can be ignored if you just want to store your
changes as they are not complete and applying policies at this time
might be inappropriate
Once you have done this then hit shelve. You changes are now stored on the server. When you get to your other machine go in to "Pending Changes" and select the Actions drop down and select "Find Shelevesets"
This will present a list of shelvesets committed by you. You can search for shelvesets by other users but in this case the most recent shelveset created by you should be at the top of the list.
Right click on the appropriate shelveset and select "unshelve". You should now be able to continue working where you left off.
I have set up security in TFS 2012 Team Projects. There is one user who can see parts of a Team Project (certain branches) that he otherwise should not see. I have checked the branch security as well and can't find anywhere why that user should have access to it. It also shows a weird plus sign in front of that Team Project for that user only where he can only see some branches and not the full team project.
figured it out. apparently user had checked out some files before we restricted the permissions and therefore once the user checked in their changes, they could not see these projects anymore.
I'm in a company now that forces TFS upon us. I have used Git all my life, and I am struggling to find some features I am used to in TFS. For example, I'd like to make small commits locally and push them up later together. This way I can keep track of my changes and roll back if I ever need to. Is there a way to do this in TFS?
What you're looking for is called "shelvesets" within TFS.
This link explains how to create one:
MSDN on how to create a shelveset
To shelve folders and files from Solution Explorer
In Solution Explorer, right-click, and then click Shelve Pending Changes.
In the Shelve - Source Files dialog box, type the shelveset name (for example, shelvetest) in the Shelveset name box.
The Shelve - Source Files dialog box includes two options:
Preserve pending change locally
By default, this option is selected. When this option is selected, the changes you made to the files or folders in your local workspace are preserved.
Evaluate Policies and check-in notes before shelving
When this option is selected, all check-in policies are evaluated before the shelveset is created. For more information, see Set and Enforce Quality Gates.
In the Comment box, type Testing my shelveset, and then click Shelve.
The files and folders are copied to the version control server and are available for other team members to unshelve.
And this link provides some background about using shelvesets:
MSDN on reasons to use a shelveset
For a variety of reasons, sometimes you need to set aside some or all of your work in progress. Shelvesets are useful when you want to stop work for:
Interruption: You have pending changes that are not ready for check in, but you need to work on a different task.
Collaboration: You have pending changes that are not ready for check in but you need to share them with another team member.
Code Review: You want another team member to perform a code review of your pending changes.
Private Build: Before you check in your changes, you can use your automated build system to build and test your code.
Backup: You have work in progress that you cannot finish now so you want a backup copy that is stored on your server and available to other team members who might need to access it.
Handoff: You have work in progress that you want to hand off to another team member.
We are trying to follow the branching strategy from the TFS Branching Guide and have reached the point where we have made a branch representing a release, which should now be made read-only.
In the Properties|Security tab for the branch, it presents six user groups each with 10 permissions other than Read. Do I have to go through and click Deny on 60 check boxes, or is there a better way to make this branch read-only?
Right-click the branch in the Source Control Explorer, and select the Lock... option
EDIT:
This seems to get missed a lot when people are finding this so I'll make it more obvious.
Locks appear as a "pending change" for the person who locked the item. As long as the lock is in effect, it will appear as a pending change. When a commit is made of that pending change, the lock is released. While the lock is in effect, the locked branch is effectively read-only, since (to simplify) the locker is the only user who can make commits. The act of committing is what releases any locks on the branch.
h/t #AakashM for pointing that out in the comments
As a quick-n-dirty, you could Lock it for Check Out (although the locker would have to remember to keep the lock in their pending changes forever... which makes me think there's a better way)
To answer the 2nd part of the question -- removing or denying the Read permission effectively denies everything else.
As is mentioned above locking is not a very nice strategy. The correct way of handling this is setting permissions.
You can effectively make files readonly. Users trying to modify the files will get a message 'checkout denied'
https://msdn.microsoft.com/en-us/library/ms252587.aspx#project_level
In VS2013: Team Explorer -> Settings -> Security/Version Control
Deny Check In for domain\domain users
If you have inheritance set to 'On', the best way I've found is to:
'Deny' all permissions except 'Read' to the 'Reader' group, and
Add all other groups (except Project Administrators) to the 'Reader' group.
Then, all groups within the Reader group will inherit the 'Deny' permissions and not be able to do anything but read.
As part of a maintenance, I was about to Lock several now-obsolete TeamProjects, by right-clicking on each one's root in Source Control Explorer ($/TeamProject) and selecting "Lock..".Once I was done, I tried to commit these changes, which was denied with the following message:
By searching around I bumped into the following statement, made as part of this discussion:
Locks are applied such that the user who places the lock can
checkin/checkout files but noone else can until the lock is released.
So as a more valid test you will need another user to attempt a
check-in of a locked file - ie not you because you put the lock on.
If this statement stands, using 'Lock' was all together not what I should have gone for. What I actually need is to close down older TeamProjects so that no checkouts can occur anymore. How do I do that?(I suppose I could include in my changeset a misc code change, but I 'd go for something like this only if there were no other options available)
As I understand selecting Lock allows you to check out the file in isolation. But doing so will show the project in pending changes window. And i guess this is not what you want.
Team Project Collections can be stopped from the TFS Administration console, however this functionality is not available for individual team Projects, you can vote for this feature here ... http://visualstudio.uservoice.com/forums/121579-visual-studio/suggestions/2485699-make-it-possible-to-disable-team-project
You could right click the team project and select security, change the permissions for the users to read only so they have no check in permissions.
HTH