Re: per-path authz and locking

From: Justin Erenkrantz <justin_at_erenkrantz.com>
Date: 2004-12-16 22:17:02 CET

--On Tuesday, December 14, 2004 11:35 AM -0600 Ben Collins-Sussman
<sussman@collab.net> wrote:

> * a request comes to LOCK/UNLOCK an unreadable file path.
> What should mod_dav_svn return?
>
> - "404 Path Not Found"?
> - "403 Forbidden"?
> - "401 Unauthorized"?

Authorization/authentication should preempt the other error codes. 404 is
certainly incorrect. So, either 401 or 403 I think is correct. What do we
return if they try to GET an unreadable file path? I think we can be
consistent here.

> * a request comes in to discover an existing lock on an unreadable path.
> What should mod_dav_svn return?
>
> - "no lock present" (even if there is)
> - one of the other three 4XX errors above?

The same as above (401 or 403).

> * a request comes in to discover all locks below a directory path.
> But some of those locked child-paths are unreadable. What should we
> return?
>
> - only the readable locked-paths (& locks) ?
> - some sort of 4XX error?

Here, I think returning the subset of readable locked-paths is correct. They
wouldn't even be aware of the other paths: no sense to return them. -- justin

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Thu Dec 16 22:18:37 2004

This message: [ Message body ]
Next message: Justin Erenkrantz: "Re: [Locking] commit and unlock"
Previous message: Peter N. Lundblad: "Re: [Locking] commit and unlock"
In reply to: Ben Collins-Sussman: "per-path authz and locking"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]