Issue 45 in svnbook: Add an example of inverted rights application for path-based authorization

codesite-noreply at google.com codesite-noreply at google.com
Tue Apr 7 17:08:01 CDT 2009


Status: New
Owner: ----
Labels: Type-Enhancement Priority-Medium

New issue 45 by anrdae... at freemail.ru: Add an example of inverted rights  
application for path-based authorization
http://code.google.com/p/svnbook/issues/detail?id=45

I've been looking for a solution to the following issue
I'm using Apache auth module which is already restricting access to
repository to only selected few users.
All but one of them need to have rw access, excluding specific user
intended for checkouts only.

This could be done in two ways:
Documented, accounting for rules order:
[/]
svnprojects = r
* = rw

My own (tm), using fool-proof inverse mask:

[/]
* = r
~svnprojects = rw

Another issue just spotted in users list:
User requested for explicit denial of committing to /tags for those not
expected to do such things.

[/tags]
~@svnadmins = r
@svnadmins = rw

And we explicitly declared all possible users, so it would not look upward
for more rights on operation. (the second rule redundant in case you have
whole repository open for commits, but better leave it here for the times
you rethink your auth structure)

--
You received this message because you are listed in the owner
or CC fields of this issue, or because you starred this issue.
You may adjust your issue notification preferences at:
http://code.google.com/hosting/settings




More information about the svnbook-dev mailing list