[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Should authz return errors? (Was: Re: SoC: Path-based authz for Svnserve)

From: David Anderson <david.anderson_at_calixo.net>
Date: 2005-07-01 14:13:20 CEST

Hi,

I'm working on the moving and adapting of the authz code to
libsvn_repos, and during that, a question came up.

The current code in mod_authz_svn doesn't use any error handling. In
some cases the code runs into a malformed authz file, and when that
happens, authz silently ignores what piece is problematic and ploughs
on. AFAICT, there are two such cases:
- Discovering groups with cyclic dependancies (group A contains group B
contains group A); The second group will have the cycling dependancy
silently ignored.
- An ACL line for an undefined group; The undefined group is considered
empty.

While I can potentially understand why the second case is okay, the
first seems like silently ignoring something which might bring a good
deal of confusion to users who accidentally create a cyclic dependancy
("Why isn't user foo authorized? He's in group A, which group B
includes...").

So, this all comes down to: should the authz API return errors when it
discovers a malformed ACL configuration? I'm undecided on this, because
it changes the current behaviour (a working authz file might fail under
the new code), and because returning svn_error_t's everywhere does
contribute to making the interface more cumbersome.

Thoughts?

- Dave.

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Fri Jul 1 14:14:45 2005

This is an archived mail posted to the Subversion Dev mailing list.