[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Should authz return errors? (Was: Re: SoC: Path-based authz for Svnserve)

From: David Anderson <david.anderson_at_calixo.net>
Date: 2005-07-01 19:57:41 CEST

Greg Hudson wrote:
> That means the reading code has to go to a substantial amount of extra
> work validating everything, but:

I agree this is preferrable to breaking in the middle of an operation.

I propose adding a function to the authz API, svn_repos_authz_validate,
which scans the entire given svn_config_t to ensure that it is a valid
authz ACL file.
The RA servers then call this as a part of their procedure for loading
the authz file, and abort service if something comes up.

> * This way you'll notice immediately if you screw up your authz file,
> instead of only noticing when you try to check out or commit to some
> obscure part of your repository.
> * This way will produce much more graceful failure than conking out in
> the middle of an update/commit.

+1 for both arguments. Best have an operation fail immediately if the
server-side configuration is invalid.

- Dave.

To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Fri Jul 1 20:12:58 2005

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.