On Thu, Jan 31, 2013 at 11:50 AM, Paul Burba <ptburba_at_gmail.com> wrote:
> On Thu, Jan 31, 2013 at 9:12 AM, <rhuijben_at_apache.org> wrote:
>> Author: rhuijben
>> Date: Thu Jan 31 14:12:53 2013
>> New Revision: 1440966
>>
>> URL: http://svn.apache.org/viewvc?rev=1440966&view=rev
>> Log:
>> In the merge handling: make the tree conflict detection for directories work
>> like that in the update editor: Detect tree conflicts on entering every node,
>> but only report conflicts on actual changes.
>>
>> This simplifies and brings together the obstruction logic, avoids touching
>> unrelated nodes just for testing and makes the tree conflicts more reliable.
>>
>> The next step will be to hook the file code to this same system.
>>
>> This patch adds a few notifications for unversioned/missing obstructions
>> to make these reports more similar to those of tree conflicts.
> .
> <SNIP>
> .
>> def at_directory_external(sbox):
>> "tree conflict at directory external"
>
> Only indirectly related to this commit, but one thing I noticed while
> looking at it was a change from 1.7 in the way we report merge skips
> within subtrees we don't have read access to.
>
> Say we have full read access to our merge source (^/A), but only
> partial read access to our merge target (^/branch-1):
>
> authz:
> [[[
> [/]
> * = rw
> [/branch-1/C]
> * =
> ]]]
>
> Full disclosure: The above is an unusual[1] authz setup. We already
> know the corresponding tree structure in the source, so I don't think
> this is so much a security concern as it is a signal-to-noise problem
> where potentially a *lot* of skip notifications can be generated.
>
> Assume a merge wants to apply changes from ^/A into the restricted
> subtree of the branch:
>
> 1.8-dev>svn diff --summarize -c3
> A A\C\J\K\L\M\N\O\P\Q\R\S\T\U\V\W\X\Y\Z\nu
> A A\C\J\K\L\M\N\O\P\Q\R\S\T\U\V\W\X\Y\Z
> A A\C\J\K\L\M\N\O\P\Q\R\S\T\U\V\W\X\Y
> A A\C\J\K\L\M\N\O\P\Q\R\S\T\U\V\W\X
> A A\C\J\K\L\M\N\O\P\Q\R\S\T\U\V\W
> A A\C\J\K\L\M\N\O\P\Q\R\S\T\U\V
> A A\C\J\K\L\M\N\O\P\Q\R\S\T\U
> A A\C\J\K\L\M\N\O\P\Q\R\S\T
> A A\C\J\K\L\M\N\O\P\Q\R\S
> A A\C\J\K\L\M\N\O\P\Q\R
> A A\C\J\K\L\M\N\O\P\Q
> A A\C\J\K\L\M\N\O\P
> A A\C\J\K\L\M\N\O
> A A\C\J\K\L\M\N
> A A\C\J\K\L\M
> A A\C\J\K\L
> A A\C\J\K
> A A\C\J
>
> In 1.7 we are only told that the root of the missing subtree is skipped:
>
> 1.7.9-dev>svn merge ^^/A branch-1 -c3
> Skipped missing target: 'branch-1\C'
> --- Recording mergeinfo for merge of r3 into 'branch-1':
> U branch-1
> Summary of conflicts:
> Skipped paths: 1
>
> But with 1.8-dev we see the whole source tree structure revealed via
> notifications:
>
> 1.8-dev>svn merge ^^/A branch-1 -c3
> Skipped missing target: 'branch-1\C'
> Skipped 'branch-1\C\J\K\L\M\N\O\P\Q\R\S\T\U\V\W\X\Y\Z\nu'
> Skipped missing target: 'branch-1\C\J\K\L\M\N\O\P\Q\R\S\T\U\V\W\X\Y\Z'
> Skipped missing target: 'branch-1\C\J\K\L\M\N\O\P\Q\R\S\T\U\V\W\X\Y'
> Skipped missing target: 'branch-1\C\J\K\L\M\N\O\P\Q\R\S\T\U\V\W\X'
> Skipped missing target: 'branch-1\C\J\K\L\M\N\O\P\Q\R\S\T\U\V\W'
> Skipped missing target: 'branch-1\C\J\K\L\M\N\O\P\Q\R\S\T\U\V'
> Skipped missing target: 'branch-1\C\J\K\L\M\N\O\P\Q\R\S\T\U'
> Skipped missing target: 'branch-1\C\J\K\L\M\N\O\P\Q\R\S\T'
> Skipped missing target: 'branch-1\C\J\K\L\M\N\O\P\Q\R\S'
> Skipped missing target: 'branch-1\C\J\K\L\M\N\O\P\Q\R'
> Skipped missing target: 'branch-1\C\J\K\L\M\N\O\P\Q'
> Skipped missing target: 'branch-1\C\J\K\L\M\N\O\P'
> Skipped missing target: 'branch-1\C\J\K\L\M\N\O'
> Skipped missing target: 'branch-1\C\J\K\L\M\N'
> Skipped missing target: 'branch-1\C\J\K\L\M'
> Skipped missing target: 'branch-1\C\J\K\L'
> Skipped missing target: 'branch-1\C\J\K'
> Skipped missing target: 'branch-1\C\J'
> --- Recording mergeinfo for merge of r3 into 'branch-1':
> U branch-1
> Summary of conflicts:
> Skipped paths: 19
>
> To be clear, this *doesn't* happen when we don't have access to the
> corresponding subtree in the source, regardless of the access we have
> to the corresponding subtree in the target:
>
> authz
> [[[
> [/branch-1/C]
> * =
> [/A/C]
> * =
> [/]
> * = rw
> ]]]
>
> 1.8-dev>svn merge ^^/A branch-1 -c3
> Skipped missing target: 'branch-1\C'
> --- Recording mergeinfo for merge of r3 into 'branch-1':
> U branch-1
> Summary of conflicts:
> Skipped paths: 1
>
> authz:
> [[[
> [/branch-1/C]
> * = rw
> [/A/C]
> * =
> [/]
> * = rw
> ]]]
>
> 1.8-dev>svn merge ^^/A branch-1 -c3
> Skipped missing target: 'branch-1\C'
> --- Recording mergeinfo for merge of r3 into 'branch-1':
> U branch-1\C
> U branch-1
> Summary of conflicts:
> Skipped paths: 1
>
> [1] Seriously, if nobody has ever seen a setup like this in the wild
> this is probably a non-issue.
And now we have even odder behavior...see issue #4319:
http://subversion.tigris.org/issues/show_bug.cgi?id=4319
--
Paul T. Burba
CollabNet, Inc. -- www.collab.net -- Enterprise Cloud Development
Skype: ptburba
Received on 2013-02-13 20:19:39 CET