| 1 |
>>> I'd like to hire a freelancer to work on my website. I don't want to |
| 2 |
>>> provide access to all of my code, but instead only the particular file |
| 3 |
>>> or files being worked on. Does anyone know of a development framework |
| 4 |
>>> that would help facilitate that sort of thing? Would no shell access |
| 5 |
>>> along with restricted SFTP access be the simplest, safest, most |
| 6 |
>>> effective way to go? |
| 7 |
>> |
| 8 |
>> Why not just send him the stuff he should be working on? He can run his |
| 9 |
>> own Apache/PHP/whatever on his development machine. When he's done, he |
| 10 |
>> can send you a tarball of the site files and maybe a SQL dump if you're |
| 11 |
>> using a database. |
| 12 |
> |
| 13 |
> The problem with that is he will need to test his code in the working |
| 14 |
> system. I need a way for him to be able to read/write to a certain |
| 15 |
> file or files within the working system, but have no read/write access |
| 16 |
> to any other files in the system. |
| 17 |
> |
| 18 |
> Is SFTP perhaps the way to go for this? |
| 19 |
> |
| 20 |
> - Grant |
| 21 |
|
| 22 |
For some reason I thought SFTP would provide access control but now |
| 23 |
I'm thinking it's just like SSH in that access control is based on |
| 24 |
file ownership and permissions? If that's the case, can anyone think |
| 25 |
of a better way to control remote access to my files than chmod/chown? |
| 26 |
I think it would be nice if the access control were built into the |
| 27 |
transport mechanism, version control system, or something else already |
| 28 |
in use, but it doesn't sound like that's going to happen. |
| 29 |
|
| 30 |
- Grant |
| 31 |
|
| 32 |
|
| 33 |
>> That's the easiest one-off solution. If you're looking for something |
| 34 |
>> more permanent, another idea is to have a "public" git repo somewhere |
| 35 |
>> while the developers all work on their own workstations. SQL changes can |
| 36 |
>> be made via numbered migrations, e.g., |
| 37 |
>> |
| 38 |
>> 001-create_users_table.sql |
| 39 |
>> 002-create_nodes_table.sql |
| 40 |
>> 003-disregard_that_drop_users_table.sql |
| 41 |
>> |
| 42 |
>> and devs can push everything to the git repo, as long as it's a |
| 43 |
>> fast-forward (so they can't trash the repo history). |
| 44 |
>> |
| 45 |
>> Once you're ready to move something live, an admin logs in to the |
| 46 |
>> production box, does a `git pull`, and then runs the migrations or makefile. |
Archives