p4 protect is by far the best way to go - that's what it is for. I highly recommend that you put all your users in groups, and only ever use groups in your protection table - much easier to manage.
You can protect any level of detail that you like, so it's not bulky. Also note that server version 2008.1 has a new security feature that allows you to specify what you can do slightly differently. Change Note:
#152278 ** 'p4 protect' now allows specification of permission 'rights'. Previously, 'p4 protect' only allowed using permission levels which include the specified access (ie 'read') and also all of its lesser permissions (ie 'read' = 'read' + 'list'). Permission rights make it possible to deny individual rights without having to re-grant lesser rights. The new permission rights are '=read', '=branch', '=open', and '=write'. This functionality was previously undocumented, and is now fully supported for 2008.1
If you really have a problem with being an administrator in order to lock and unlock this, you should take a look at the "group owner" feature introduced in 2007 .3. This will allow the non-superuser to add and remove people from the group. Therefore combine this with the protection table. That is, get the site administrator to configure the protection table and restrict the rights of the group named "Rel 1.0 Authorized" and make you the owner of the group. Then you can add and remove users (or subgroups) from this group to control access.
The trigger option is an option, but you still need to be an administrator to configure the trigger in the first place. You can also affect the performance of all views, which you can pay attention to. But the main problem with triggers is that you will use them to emulate the built-in function designed for this purpose, i.e. Protection tables. And, if you want to be safe, you still need to find a way to prevent someone else modifying the link file. It just seems like you need to work hard to imitate an existing function.
Greg whitfield
source share