[PATCH] Add authz support to the commit editor

From: David Anderson <david.anderson_at_calixo.net>
Date: 2005-08-02 02:15:17 CEST

Another small step towards authz support in Svnserve. This patch adds
authz support to the commit editor. As such, it revvs the
svn_repos_get_commit_editor function, modifies the commit editor
functions to do checks during the driving, and adds a new test to the
libsvn_repos suite to verify the authz behaviour of the commit editor
(I think the test is the largest piece of code in the patch...).

The authz requirements enforced by the commit editor are as follows:
* open_root needs read access to the repository root.

* open_file and open_directory need read access to the path being
opened.

* add_file requires write access to the path being created and the
parent path (creating a file requires write access in the directory),
and also read access to the copy_from path if provided.

* add_directory requires write access to path and parent path, or
recursive write access to path and write access to parent path and
recursive read access to copy_from path if copy_path is provided.

* delete_entry requires write access.

* apply_textdelta requires write access to the file being delta'd.

* change_file_prop and change_dir_prop require write access on the
path being changed.

The new test is, I believe, fairly exhaustive in making sure authz is
behaving in the commit editor. The only function it doesn't test is
apply_textdelta, because I felt building two streams, generating the
delta and adding the necessary infrastructure to get apply_textdelta
to work was a little overkill for what it checks. I'm open to
suggestions on how to make this check quick and painless.

I've revved the callers of the commit editor, in ra_local and
svnserve.

- Dave.

[[[
Add authz callback support to the commit editor.

* subversion/include/svn_error_codes.h
New error message.

* subversion/include/svn_repos.h
   (svn_repos_authz_access_t): Move to the begginning of file to avoid
     warnings about undeclared types.
   (svn_repos_authz_callback_t): New callback type for extended authz
     lookups.
   (svn_repos_get_commit_editor3): Revv API, add an authz callback and
     pointer.
   (svn_repos_get_commit_editor2): Deprecate.

* subversion/libsvn_repos/commit.c
   (edit_baton): New fields for authz.
   (check_authz): New internal function.
   (open_root, delete_entry, add_directory, open_directory,
    apply_textdelta, add_file, open_file, change_file_prop,
    change_dir_prop): Perform authz lookups.

* subversion/libsvn_ra_local/ra_plugin.c
(svn_ra_local__get_commit_editor): Use the new commit editor API.

* subversion/svnserve/serve.c
(commit): Use the new commit editor API.

* subversion/tests/libsvn_repos/repos-test.c
   (commit_authz_cb): Callback implementation for the commit editor
     authz test.
   (commit_editor_authz): New test.
]]]

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

text/x-patch attachment: authz_in_commit_editor.patch

Received on Tue Aug 2 02:16:11 2005

This message: [ Message body ]
Next message: Branko Čibej: "Re: bugs in hook scripts on Windows"
Previous message: Michael Sweet: "Re: logging: are we there yet?"
Next in thread: Greg Hudson: "Re: [PATCH] Add authz support to the commit editor"
Reply: Greg Hudson: "Re: [PATCH] Add authz support to the commit editor"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]