Re: Older versions through http-repository browsing

From: Michael Sinz <Michael.Sinz_at_sinz.org>
Date: 2005-08-22 16:40:14 CEST

solo turn wrote:
> hi,
>
> why is it not possible to extend webdav or deltav standard to also
> have a means of retrieving a version/revision of a resource like:
> http://svn.collab.net/repos/svn/trunk/README?rev=1000
> which would allow normal apache access control on the url?

Actually, using the rewrite trick that I have in the Insurrection tools,
this sort of works. That is, the mod_authz_svn does all of the URL
access controls because the access controls are handled before the
.htaccess rewrite rules run.

> is there any disadvantage in this approach i am not able to see?

Other than making mod_dav_svn be more than what it is (and it already
is a relatively large bit of code)

There are other ways to get the same results since the rewrite rules for
a directory apply after mod_authz_svn accepted the requested path.
(If mod_authz_svn rejected the path, the rewrite engine never even gets
a chance to run)

For example, here is the .htaccess I use and one previous version:
(note - in my setup, this goes into the "/" directory of the web server)

http://svn.sinz.com/svn/Insurrection/trunk/.htaccess?Insurrection=get&r=221
http://svn.sinz.com/svn/Insurrection/trunk/.htaccess?Insurrection=get&r=220

Now, this is a repository that requires user authentication for read access:

http://svn.sinz.com/svn/example2/trunk/fold/fold.html?Insurrection=get&r=6

(Sorry, no public user name defined, but this is mod_authz_svn doing the
authentication, just like it does for the SVN access rights)

Note that there is no way to secure a revision number itself. So if you have
access to the file, you have access to its history.

The reason for the get operation is that I also use this to provide access
controls on the log files, diffs, etc., that Insurrection provides the web
interface for. It makes for a really nice interface to let mod_authz_svn
do all of the authentication.

-- 
Michael Sinz                     Technology and Engineering Director/Consultant
"Starting Startups"                                mailto:michael.sinz@sinz.org
My place on the web                            http://www.sinz.org/Michael.Sinz
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org

Received on Mon Aug 22 16:46:48 2005

This message: [ Message body ]
Next message: Michael Sinz: "Re: svn list -R of medium-size repository takes 10 hours."
Previous message: Grzegorz Adam Hankiewicz: "[PATCH] Moving doc:es partial commiters to dormant section"
In reply to: solo turn: "Re: Older versions through http-repository browsing"
Next in thread: Phillip Susi: "Re: Older versions through http-repository browsing"
Reply: Phillip Susi: "Re: Older versions through http-repository browsing"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]