Re: ACL design question
From: Helge Jensen <jensen_at_slog.dk>
Date: 2004-04-27 10:21:51 CEST
Branko Čibej wrote:
> Helge Jensen wrote:
I appreciate the time you've taken to comment on my solution.
>>>> Note that a real ACL implementation
OK, so "real" here means an implementation that can prevent much more
>> Could you elaborate on where/why this is nessesary? or point me to
Thanks for your pointers.
> Do note that there's much more to ACLs than read and write.
Possibly,... depends on what you want to protect.
That's actually nicely covered by my property solution, you can change
While this may be primitive, it has the advantage of being
> I can imagine cases where you don't even want people to be
> svnadmin setlog does the same thing as "svn propset --revprop -rX
OK, so there may be a need for ACL'ing revprop changes. This could be
Or a finer granularity may be required. It doesn't seem like the two
>> A possible way to extend the property solution to cover the reading
> Ouch. How do you handle renames?
First, as I said, I haven't started thinking to deeply about limiting
Renames could pose a problem when the "HEAD" dissapers... I don't really
It may be, that the "lastest rev. that contains PATH to be checked"
>> Note, that if i do an svn copy of something protected by an acl (I can
> But only if you do that in the working copy, which means you lose the
The copy is still O(1), but any change to the ACL requires a commit.
An ACL change is only needed if i have changes to commit to the copied
So it's not too bad... output of trying to commit without
So it's pretty easy to spot what to change in your working copy.
hmmmm... maybe i should even output the relevant SVN commands for taking
> I'm sure it works for you, but it's far from flexible enough.
OK, I wasn't proposing it as "the solution to be chosen for SVN", merely
It really rocks here where we are ~15 devels, some sharing code and some
> I suggest
Maybe i will, thanks for the pointer and input.
> If that looks complex, rest assured that
I think i'll stay on my small ice-cube for now. Can't be much of such a
-- Helge --------------------------------------------------------------------- To unsubscribe, e-mail: firstname.lastname@example.org For additional commands, e-mail: email@example.comReceived on Tue Apr 27 10:22:56 2004
This is an archived mail posted to the Subversion Users mailing list.