Hi there!
While I was working on the stuff at our repository system [1], I
developed a permission checking script as part of the software structre
surrounding the repository (in python). It turned out to be so
confortable to specify permissions with that syntax that I missed this
script for the other projects maintained under Subversion, so I decided
to 'crop' that part from the system and write a standalone executable.
[1] http://moin.conectiva.com.br/RepositorySystem
The question is, would you like to include it as part of the subversion
distribution?
(of course, I can provide it to anyone interested, even without being
part of the distribution)
Below I'm including a sample configuration file, and here's the output
of "svnperms.py --help".
[niemeyer@ibook ~/src/svnperms]% ./svnperms.py --help
Usage: svnperms.py OPTIONS
Options:
-f PATH Use PATH as configuration file (required)
-s NAME Use section NAME as permission section (required)
-r PATH Use repository at PATH to check transactions (required)
-t TXN Query transaction TXN for commit information (required)
-h Show this message
svnperms.conf:
----------
#
# Multiple global [groups] sections are accepted, but be aware
# that it's the same as concatenating them all in a single entry.
# You can also create section specific groups, using a syntax
# like [groups sectionname].
#
[groups]
group1 = user1 user2 user3
#
# Example repository control, showing allowed syntax.
#
# - the latest match is what counts
# - groups are prefixed by "@"
# - you can use groups and users in the same definition
# - all permissions may be revoked with ()
# - line breaks are accepted
#
[groups example1]
group2 = user9 user10
[example1]
trunk/.* = *(add,remove,update) @group1,user4,user5(update)
user6,user7()
trunk/.* = user8(add,update)
tags/[^/]+/ = @group2(add)
branches/[^/]+/.* = *(add,remove,update)
#
# One of the most used repository structures, for a single project.
#
[example2]
trunk/.* = *(add,remove,update)
tags/[^/]+/ = *(add)
branches/[^/]+/.* = *(add,remove,update)
#
# Another common structure, expecting a project name inside the repository
# (like trunk/myproject/ and tags/myproject/). In this example, only admins
# are allowed to create projects, and there are project specific access
# lists.
#
[groups example3]
admins = john
project1 = user1 user2
project2 = user3 user4
[example3]
trunk/[^/]+/ = @admins(add,remove)
trunk/project1/.+ = @project1(add,remove,update)
trunk/project2/.+ = @project2(add,remove,update)
tags/[^/]+/ = @admins(add,remove)
tags/project1/[^/]+/ = @project1(add,remove)
tags/project2/[^/]+/ = @project2(add,remove)
branches/[^/]+/ = @admins(add,remove)
branches/project1/[^/]+/.* = @project1(add,remove,update)
branches/project2/[^/]+/.* = @project2(add,remove,update)
#
# A more complex structure, as defined in the following URL:
# http://moin.conectiva.com.br/RepositorySystem
#
[groups example4]
admins = user1 user2
updaters = user3
[example4]
snapshot/[^/]+/(current/(SPECS/|SOURCES/)?)? = *(add)
snapshot/[^/]+/ = @admins(add,remove)
snapshot/[^/]+/current/SPECS/[^/]+\.spec = *(add,remove,update)
snapshot/[^/]+/current/SOURCES/[^/]+ = *(add,remove,update)
snapshot/[^/]+/releases/[^/]+/([^/+]/)? = mapi2(add)
snapshot/[^/]+/pristine/ = mapi2(add,remove)
branches/[^/]+/.* = *(add,remove,update)
releases/[^/]+/ = @admins(add)
tags/[^/]+/ = *(add,remove)
updates/[^/]+/[^/]+/(current/(SPECS/|SOURCES/)?)? = @updaters,mapi2(add)
updates/[^/]+/[^/]+/current/SPECS/[^/]+\.spec = @updaters,mapi2(add,update)
updates/[^/]+/[^/]+/current/SOURCES/[^/]+ = @updaters,mapi2(add,remove,update)
updates/[^/]+/[^/]+/releases/.* = mapi2(add)
updates/[^/]+/[^/]+/pristine/ = mapi2(add,remove)
--
Gustavo Niemeyer
[ 2AAC 7928 0FBF 0299 5EB5 60E2 2253 B29A 6664 3A0C ]
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Mon Oct 21 01:52:17 2002