[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: [PATCH] svnserve per-user read/write access control

From: Greg Hudson <ghudson_at_MIT.EDU>
Date: 2004-09-07 18:14:28 CEST

On Tue, 2004-09-07 at 12:00, Greg Hudson wrote:
> This patch looks pretty good. There are a couple of nits (patches
> should ideally come with log messages--see HACKING--and shouldn't use
> tabs for indentation), but I'll take care of them.

Hm. While cleaning up the patch I noticed a couple more nits (wrong
indentation style, and you could have grabbed the per-user default
before computing result) and, unfortunately, a design problem:

svnserve calls get_access() in several places to find out what access
the client connection *would* have given that it is authenticated or
unauthenticated: in send_mechs() to determine what mechanisms to
present, in auth() to determine what mechanisms to recognize, in
must_have_write_access() to determine if authenticating would grant
write access, and in find_repos() to determine whether to reject all
connections to the repository. If the level of access depends on
*which* user the connection authenticates as, then we need a way of
answering the question, "what's the maximum level of access any user
could get by authenticating?" That's clearly not a five-line change any

To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Tue Sep 7 18:15:21 2004

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.