[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Access control questions

From: Pavol Gono <pavol_gono_at_yahoo.com>
Date: 2005-06-17 04:32:05 CEST

Hi

I am thinking about deploying subversion in our organization.
From user side of view, it has many benefits in comparison with
current version control system. But what makes me headaches are
tasks for administrator.

Consider this situation: we have hundreds of developers, tenths
of projects and administrator wants to have his life as simple
as possible.
                                                               
           
For first approach it seems to have one repository for one
project. Users (developers) can work on more projects and have
different "rights" on projects. We'll likely use svnserve
(svn://) because it seems easier to configure. Operating system
- hard to say now.
                                                               
                                                               
  
What is almost necessary is possibility to set properly
per-user authorization - what directories in projects
(repositories) can user access and what type of access it is
(adding, deleting, modifying, "reading", ... - or some
combination).

And now comes questions:

- Are there some existing tools/implementations of desired
access control?

The most advanced I found was svnperms.py hook. But for me it
has these problems
  - python script - python not default installed on windows;
maybe slowdown in comparison with C code
  - don't know if possible one configuration for many
repositories
  - admin have to maintain both svnserve.conf and svnperms.conf
  - don't have possibility to use it for both start-commit and
pre-commit (if user has no access to repository, commit can be
stopped in start-commit). Could be used also for
pre-lock/pre-unlock.
  - would be nice to have role-base access control (defining
repository-based roles and assigning roles to users in
transparent file)
  - must maintain hooks for all repositories
  - (some people don't know what regular expressions are...)

- Is it possible to temporarily deny access to one repository
for all users when using svnserve? (other repositories should
live)

I know svnadmin hotcopy, but sometimes one wants to be sure...

- Do you have plans for implementing such access control
directly in subversion code (not in hooks) in near future
(let's say some months)?

I just want to know current status, maybe outline what some
users want to have.
If it is too bad, I may try a shiny hook for all problems :)
                                                
                                                               
                                                
Pavol

                
__________________________________
Yahoo! Mail Mobile
Take Yahoo! Mail with you! Check email on your mobile phone.
http://mobile.yahoo.com/learn/mail

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Fri Jun 17 04:33:45 2005

This is an archived mail posted to the Subversion Users mailing list.