[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: authz: what has precidence when user is multiply referenced for a particular path?

From: Steven Simpson <ss_at_domain.invalid>
Date: 2006-05-19 20:42:59 CEST

Greg Thomas wrote:
> On Fri, 19 May 2006 16:31:39 +0200, "Lieven Govaerts" <lgo@mobsol.be>
> wrote:
>
>>> From: Greg Thomas [mailto:thomasgd@omc.bt.co.uk]
>>>
>>> This makes it impossible to give anonymous read only access,
>>> a very desirable feature:
>>>
>>> [/foo]
>>> *=r
>>> @developers=rw
>>>
>> That's not correct!
>>
>> First of all, in your example Subversion will behave like this:
>> 1. if you need read access: the first line applies, so it grants you read
>> access
>> 2. if you need write access: it skips the first line, and grants you access
>> based on the second line of you're in the developer group.
>>
> Oops, good point! More coffee needed ...
>
No, I think you were right, in the context that was snipped: "Most
severe restrictions should apply" (Jeb). In that case, whoever you are,
both lines apply, and the most severe restriction is to take away 'w',
whether you're in @developers or not.

-- 
ss at comp dot lancs dot ac dot uk                                     |
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Sat May 20 22:19:41 2006

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.