svn commit comment for "svn log <file>" is not shown, if the commit includes any files I don't have read access for

Hi svn-dev,

I got stuck on a problem with "svn log" that firstly made no sense :) But
after figuring out how the "svn log" works, I would kindly request an
improvement request in a border case.

Scenario:

Within 1 repository, there are 2 folders: A & B.
Kate has access to A & B [let's say rw], John has access to B only.

Now Kate makes a commit [let's say revision 5] that modifies files in both
folders: A/foo and B/bar. Being a pragmatic programmer she is, she of course
provides a commit message.

Now whichever way Kate checks revision history, everything is ok.
However when John checks revision history [for the file visible for him,
i.e. B/bar], he does see the commit message. He does see the revision [5],
but not the message Kate carefully worded.

The command John executed was "svn log --username john
https://svn-repository/B/foo". And to sysadmins' surprise, Apache error log
showed: "Access denied: 'john' GET svn-repository:/A/foo

So... to sum it up:
* John does see all his commit comments
* John also sees Kate's commit comments, if her particular commit only
touched B].
* If there's a commit by Kate that involves A & B, John does not see the
comment for that particular commit.

It seems there is an assumption that if you have permissions to view a file
in a specific commit, you can see all files in the commit. In our use case
this is not (and can't be made) true.

We would need to see the comment. It's ok if all files aren't listed (John
is anyway blissfully unaware of A/foo existence).

Thanks,
Monty

P.S. We're using Subversion 1.6.2 (r37639).

------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=462&dsMessageId=2424928

Please start new threads on the <dev_at_subversion.apache.org> mailing list.
To subscribe to the new list, send an empty e-mail to <dev-subscribe_at_subversion.apache.org>.
Received on 2009-11-28 01:36:42 CET