Re: ACL design question

Henderson, Michael D wrote:
> Is there an issue on adding access control support to subversion, or maybe a document outlining the design approach that may be taken? ACLs or roles/groups?

I've implemented simple ACL's using properties, for WRITE only. it's
some time ago, and could probably be rewritten using the new
"authz_func" arguement to svn_repos_dir_delta, possibly you could also
limit the reading to logged in users using that.

When commit'ing, the pre-commit hook traverses the commit with
svn_repos_dir_delta.

Let write_list(path) be:
   - preset (in the code for now) if path == ""
   - the acl:write property of path, if it has one
   - write_list(parent(path)) otherwise

Then commits by user U are denied if any of the following occur:
  - change/prop_change FILE with U not in write_list(file)
  - add/delete/prop_change PATH/ENTRY with U not in write_list(PATH)

This scheme has some nice properties

   * it's revision-controlled, so you can see when and who revoked your
permission to write by inspecting the log

   * It requires no "external" (to svn) setup or storage, except the
setting of write_list("")

   * It allows you to take ownership of anything you copy (but you STILL
can't commit to the original path!)

For identification, i use the SVN login names, and I added the
"unix-groups" concept, for "@group" in acl:write. (all sorts of other
fancier schemes can be thought of... but my users of SVN are also UNIX
users on the server.

Have a look at http://svn.slog.dk/repos/+svn/py/acl.py, which is
probably outdated, since it uses some low-level functions... but it
works for me, and has done for >5 months.

-- 
Helge
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org