[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: [RFC] Authz_svn support for svnserve/file

From: Greg Hudson <ghudson_at_MIT.EDU>
Date: 2005-06-02 19:04:05 CEST

I may be contradicting some of what I said earlier, since I didn't
bother to go back and look what I said last time around.

On Thu, 2005-06-02 at 17:57 +0200, David Anderson wrote:
> * Modify mod_dav_svn to use the authz routines from libsvn_repos.

It might be easier to skip this, and just make mod_authz_svn use the
routines from libsvn_repos. (That assumes we can provide APIs suitable
for mod_authz_svn to use, i.e. ones where you don't have to pass a
repository object and can instead pass the location of the access
control file. I don't see any major obstacle there.)

In the long run, it would be more consistent to make path-based access
control part of libsvn_repos and make all the RA layers find the file in
the same way. But it would also be less flexible, and would represent a
behavior chance in mod_dav_svn. Also, in the long run we may have an
FS-based acl system which deprecates path-based access control. So it's
not necessarily worth the pain and effort to make all the access methods

> * Add write access callbacks in libsvn_repos. Why aren't there already
> callbacks there?

mod_dav_svn doesn't use the libsvn_repos commit editor, so there hasn't
been a motivation to put access callbacks there yet. Commits over DAV
are done through a series of discrete HTTP operations, which can be
checked at the mod_authz_svn level with no help from libsvn_repos.

To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Thu Jun 2 19:05:42 2005

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.