The patch here allows you to enter a space-trimmed active directory usergroup name
in the groups section.
So you can add users to your repository permissions checks by adding them to groups
managed by ActiveDirectory rather than editing the svnperms.conf file all the time :-)
Heres an example of how we use it. TeamGroup is an ActiveGroup actually "Team Group" but
we strip the spaces for svnperms.py.
I hope this patch helps others like it has us and can make it into the main source tree.
[groups]
admin = domain\paul
owner = domain\david
commit = TeamGroup
[perms]
.* = @admin(add,remove,update)
trunk/.* = @admin(add,remove,update) @commit(add,remove,update)
Index: svnperms.py
===================================================================
--- svnperms.py (revision 10372)
+++ svnperms.py (working copy)
@@ -9,6 +9,8 @@
import sys, os
import getopt
import re
+if sys.platform == "win32":
+ import win32net
__author__ = "Gustavo Niemeyer <niemeyer@conectiva.com>"
@@ -111,12 +113,24 @@
users.append(groupuser)
self._permlist.append((pattern, users, perms))
+ def _getgrouplist(self, user):
+ if sys.platform == "win32":
+ domain, username = user.split('\\')
+ groups = [groupdata[0].replace(' ', '') for groupdata in win32net.NetUserGetGroups(win32net.NetGetAnyDCName(None, domain), username)]
+ else:
+ groups = []
+ return groups
+
def get(self, user, path):
- ret = []
+ groups = self._getgrouplist(user)
for pattern, users, perms in self._permlist:
- if pattern.match(path) and (user in users or "*" in users):
- ret = perms
- return ret
+ if pattern.match(path):
+ if (user in users or "*" in users):
+ return perms
+ for groupname in groups:
+ if groupname in users:
+ return perms
+ return []
class SVNLook:
def __init__(self, repospath, txn=None, rev=None):
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Fri Sep 3 03:33:46 2004