> -----Original Message-----
> From: John Szakmeister [mailto:john@szakmeister.net]
> Sent: Monday, October 25, 2004 11:48 AM
> To: SVN Users
> Subject: Re: CVS/SVN comparison
>
>
> Guido Anzuoni wrote:
> [snip]
> >
> > I agree, it would be great if mod_authz_svn could be shared among
> > different access methods (together with some extensions on available
> > actions, i.e. read/write is not sufficient, and path specification,
> > i.e. wildcard are appreciated).
>
> A pre-commit hook can be used, and will work for all access methods.
Unfortunately, a pre-commit hook can't rely on a "built-in" way of checking
permissions.
Looking at commit-access-control.pl.in you see that the script parses config file,
it doesn't call a security API such as:
public boolean checkPermission(String reposname, String uri, String principal);
(pls, forgive my javish pseudo-code)
that a built-in capability should ensure.
Having such a feature will drop the need of this kind of pre-commit hook too.
It would be nice if it would be possible to plug-in different "providers" so that
that based on mod_authz_svn' config be one of the possible implementations.
> That's not to say that the finer-grained access controls wouldn't be
> nice. Just that this concept of having tags that can't be updated can
> be enforced through a pre-commit hook.
>
> -John
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
> For additional commands, e-mail: users-help@subversion.tigris.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Mon Oct 25 12:15:38 2004