On Dec 1, 2004, at 3:28 PM, Julian Reschke wrote:
>
> That's fine. The DAV:owner element in the lock request is just
> client-controlled metadata. Servers may associate locks with
> authenticated users, but in this case, the user information needs to
> be obtained from the HTTP authentication details, not the LOCK request
> body.
>
Okay, so what I'm hearing is that the "owner" field in a DAV lock is
somewhat of a misnomer: it might be more apt to call it
"scratch-notes" or something. The RFC requires only that we preserve
and return this field, should the client choose to send it. The field
has nothing whatsoever to do with authentication or enforcement.
Is that about right?
If so, then I guess the best thing to do is create a new field in
svn_lock_t, and we'll call it "comment". We'll map the DAV:owner
metadata to this new field. Meanwhile, svn_lock_t->owner will continue
to be used for "real" enforcement under the hood, and will be directly
mapped to the authenticated username.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Wed Dec 1 23:35:11 2004