LDAP Group Configuration in AuthzSVNAccessFile

I have been set the task of setting up SVN and connecting Authentication and
Authorization to our MS Active Directory system. The SVN is now running on
a Debian Linux server. I have successfully set up Authenticated to
authenticate users who have access to the SVN system based on a Security
Group in our AD.

The next task is where I am encountering the difficulty is in Authorizing
individual users to read and write to the individual repositories. From
what I have seen I need I to do this I need a AuthzSVNAccessFile file.
However I have not been able to find any documentation on how to accomplish
this using AD groups. Below is a simple example.

Let the following users exist. UserA, UserB, UserC, UserD.

Let the following user groups exist. canAccessSVN, canOnlyReadReop1,
canReadWriteReop1, canOnlyReadReop2, canReadWriteReop2.

Users UserA, UserB, and UserC In group canAccessSVN.

Let the following SVN repositories exist. (repo1, repo2, sandbox).

UserA is in groups canAccessSVN, canReadWriteReop1, canReadWriteReop2.

UserB is in groups canAccessSVN, canReadWriteReop1.

UserC is in group canAccessSVN, canReadWriteReop2, canOnlyReadReop1.

UserD has access to nothing (this part I have solved using the canAccessSVN
in the dav_svn.conf file.

All users should have Read and Write access to the sandbox repository,

UserA should have Read and Write access to both reop1 and repo2 and sandbox.

UserB should have Read and Write access to only repo1.

UserC should have Read and Write to repo2, and read access to repo1.

The trick is I want to do this with the AD groups. I have searched and have
not found any reference do controlling this with AD groups in the
AuthzSVNAccessFile file.

Any help or pointers to a reference would be very helpful.

Lee

 
Received on 2010-03-31 21:31:49 CEST