[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: How to best manage authorization after tag/branch creation?

From: Shaun Pinney <shaun.pinney_at_bil.konicaminolta.us>
Date: Wed, 13 Oct 2010 11:17:17 -0700

> > Do you need to restrict READ access to the branch or tag, or do you
> > simply want to restrict COMMIT access.
>
> Thanks for the response. We need both, but restricting read access is
> the main concern at the moment. So far, I only know of AuthUserFile
> for controlling read access.
>
> > If you just want to restrict commit access, you can use a pre-commit
> > hook to kill a commit transaction if the user who doesn't have
> > permission attempts to change a tag or branch.
>
> Good to know. I'll check into the script you've mentioned. At the
> moment, we've removed read access to /tags for most users. But this
> is not a good long term solution.

I should say we've removed both read and write access to /tags for most users.

> > By the way, there's also a way to configure Apache httpd to use LDAP
> > instead of a regular text file. This means that users will have access
> > to your Subversion repository based upon their Windows or Unix account
> > and that users will automatically get logins and have their access
> > removed when they get hired or move on.
>
> That's something we'll definitely consider. We have some other quirks
> with account management to sort out first :)
>
> Best,
> Shaun
>
Received on 2010-10-13 20:19:27 CEST

This is an archived mail posted to the Subversion Users mailing list.