Because I'm not too sure how context diffs will work one
right after the other, I've got two patches in one below.
(They are extremely easy to separate in case this is
considered BadForm(TM) :) )
1. Patch to permit group definitions to contain other groups
(backward refs only)
2. Patch to provide more descriptive error information on
a deny:
Instead of:
"you can't add index.html"
one now gets:
"user 'jsokoloff' can't add index.html"
LOG MESSAGE
Allow group definitions to contain other groups
Print the username (rather than just 'you') on a permission denial.
C:\svn\svn\subversion\tools\hook-scripts>svn diff svnperms.py
Index: svnperms.py
===================================================================
--- svnperms.py (revision 7036)
+++ svnperms.py (working copy)
@@ -83,12 +83,30 @@
class Permission:
def __init__(self):
self._group = {}
+ self._groupexpanded = {}
self._permlist = []
def parse_groups(self, groupsiter):
for option, value in groupsiter:
self._group[option] = value.split()
+ # This computes the "expanded to users" membership of a group
+ # This only allows backward references to group names, which
+ # is sufficient for our needs
+ self._groupexpanded[option] = self.expand_group(option)
+ def expand_group(self, groupname):
+ users = []
+ for group_or_user in self._group[groupname]:
+ if group_or_user[0] == "@":
+ try:
+ users.extend(self._groupexpanded[group_or_user[1:]])
+ except KeyError:
+ raise Error, "group '%s' not found" % \
+ group_or_user[1:]
+ else:
+ users.append(group_or_user)
+ return users
+
def parse_perms(self, permsiter):
for option, value in permsiter:
# Paths never start with /, so remove it if provided
@@ -103,7 +121,7 @@
for groupuser in groupsusers:
if groupuser[0] == "@":
try:
- users.extend(self._group[groupuser[1:]])
+
users.extend(self._groupexpanded[groupuser[1:]])
except KeyError:
raise Error, "group '%s' not found" % \
groupuser[1:]
@@ -203,13 +221,13 @@
for changedata, changeprop, path in changes:
pathperms = perm.get(author, path)
if changedata == "A" and "add" not in pathperms:
- permerrors.append("you can't add "+path)
+ permerrors.append("user '"+author+"' can't add "+path)
elif changedata == "U" and "update" not in pathperms:
- permerrors.append("you can't update "+path)
+ permerrors.append("user '"+author+"' can't update "+path)
elif changedata == "D" and "remove" not in pathperms:
- permerrors.append("you can't remove "+path)
+ permerrors.append("user '"+author+"' can't remove "+path)
elif changeprop == "U" and "update" not in pathperms:
- permerrors.append("you can't update properties of "+path)
+ permerrors.append("user '"+author+"' can't update properties of "+path)
#else:
# print "cdata=%s cprop=%s path=%s perms=%s" % \
# (str(changedata), str(changeprop), path, str(pathperms))
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Wed Sep 10 19:58:39 2003