[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: Non-Apache WebDAV / DeltaV Module

From: Lim, Teck Hooi <teckhooi.lim_at_atosorigin.com>
Date: 2005-03-18 03:55:10 CET

> -----Original Message-----
> From: Erik Huelsmann [mailto:e.huelsmann@gmx.net]
> Sent: Tuesday, March 15, 2005 7:53 PM
> To: Lim, Teck Hooi
> Cc: dev@subversion.tigris.org
> Subject: Re: Non-Apache WebDAV / DeltaV Module
> Hi!
> > However, lately, there is a new requirement to control
> access to files
> > and directories dynamically. The 1st thing that I thought
> of was using
> > mod_authz_svn as it allows me to do just that but the ACL
> is based on a
> > flat file.
> Ok. To what extend do you need it to be dynamic? People have
> written scripts
> to generate the mod_authz_svn config file from databases.
> What's the reason
> you require it to be dynamic now?

What you mentioned here is good enough for me to work on for the time being.

> > What I want is to make it to refer to the database. I could extend
> > mod_authz_svn but I'm not familiar with it. Furthermore, I have not
> > written any Apache module before.
> I'm sure people will want to offer any help required to pull
> off the trick,
> if you come up with a design and have reached consensus over it...
> > Also, I thought of using Java and
> > Tomcat to do that as I will have more features to add in later.
> Hmm, like which features? I really think learning how to
> program mod_dav_svn
> and mod_authz_svn will get you to your goal faster.

The next step is to have files in the SVN tied to issues in a issue tracker
like Bugzilla. I hope you know where I'm heading. Eventually, SVN will be
hidden from the users. Users interact with the issue tracker instead of SVN
directly. End in end, the users' experience will be a combination of SVN and
an issue tracker. With that said, I would imagine that the issue tracker
will handle the user ACL, allow users to log bugs & features and finally
allow the users to check in & out files that tied to a particular issue thru
the same interface. Also, this tracker should understand WebDAV to allow
clients to check in & out files across the network. I guess mod_authz_svn
would not be useful any more since its job is handled by the said issue
tracker. Also, the said issue tracker should have all the rights to the SVN
since it is the sole client to the repository.

I came across SCMBug, http://freshmeat.net/projects/scmbug/, a system that
integrates software configuration management (SCM) with bug-tracking. We
want to have something similar to that and with our requirements added to
it. Personally as well as those in the team prefer to have the whole
solution in Java if it is not too difficult to do. We have considered
extending or writing Apache mods only if we really have to.

> > If that the case I need to rewrite "mod_dav", "mod_dav_svn"
> and finally
> > extending "mod_authz_svn" in Java. I plan to use Jakarta Slide as my
> > basis for WebDAV /DeltaV. So, anyone has advice or pointer for me
> > on how to proceed? Or, there is a better way to do this. thank you.
> Well, if you are serious about implementing ACLs, I think
> it's a waist of
> time to rewrite mod_dav, mod_dav_svn and mod_authz_svn: some
> time in the
> (near?) future ACLs will (need to) be implemented at the
> repository level of
> Subversion. mod_authz_svn never was considered a long term solution to
> access control in Subversion.
> Recently, patches have been submitted for mod_authz_svn to
> use regexes. The
> poster in question was able to reduce his 15,000 rule config file to 9
> rules. Maybe you need something like that?
> How to proceed? Well, you could start by explaining where
> your need for
> dynamic access control comes from. Then, you could explain
> why in-repository
> ACLs and/or regexes won't solve the problem.
> If in-repository ACLs *do* solve the problem, you could draw
> up a draft
> design and post it here for discussion.
> I hope some further discussion can keep you from writing your
> own DAV+DeltaV
> server. It's really not a job to be taken lightly.

I know rewriting DAV+DeltaV is not an easy job. That's why I try to leverage
on Jakarta Slide and that too not easy. If it is an easy thing to do this
conversation would not taken place :) I'm still looking at options to allow
me to achieve my objectives.

> Hope that helps?
> bye,
> Erik.
> --
> DSL Komplett von GMX +++ SupergŁnstig und stressfrei einsteigen!
> AKTION "Kein Einrichtungspreis" nutzen: http://www.gmx.net/de/go/dsl

To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Fri Mar 18 03:52:03 2005

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.