On 6/22/05, John Browne <jkbrowne@gmail.com> wrote:
> I am also trying to accomplish this with my existing hook script. I
> would like users to be able to *create* new tags, but never modify
> them. I'm not 100% sure of the correct logic, though. I would like
> to understand what needs to happen in the hook script regarding the
> path/revision/transaction checking, etc. Many people have directed me
> to the existing perl or python access-control scripts that are bundled
> with subversion, but I'm trying (on purpose) to do it the hard way.
>
> Anyone have any clues?
That was the reason I didn't like the current
commit-access-control.pl. I want users to be able to do a copy to the
tag directory (that is add to the tag directory) but not modify their
tags. I also wanted to be able to specify properties that must be set
on files and folders before I'll accept a commit. Plus, I didn't like
the fact that I needed to download that Perl "Initfile" module in
order for it to work.
I created a script called "access.pl" that has the following features:
* You can define groups of users for permission purposes. This way,
you don't have to keep listing the same names over and over for each
permission. (pretty much what the current commit-access-control.pl
script does)
* A special "add only" permission allows users to add files, but not
modify or delete them. This is perfect for tags since it truly makes
tags static. (Of course, you can quickly modify the permission so you
can modify, delete, or move tags if you need to).
* A special group called "@ALL" represents all users. This makes it
easy to specify that all users have read or write permission on a
particular directory.
* A special directory directive called <USER> allows you to specify
private directory permission for your users. For example, I might have
a special /branches/users/qazwart directory where I can put branches
and know that others cannot touch them.
* Something I really wanted: The ability to specify that particular
files and/or directories need certain properties set. This way, you
can make sure that all *.jpgs are marked with the correct
svn:mime-type, that your Unix shell scripts have the right
svn:eol-style set, or that all source files have svn:keywords set, so
the $Id$ keyword will expand.
I've enclosed the access.pl script, what the modified pre-commit
script needs to look like, and a control-file template.
Look over the script, and let me know what you think. Let me know if
you have any features you think might be nice to have and I'll see
about adding them.
--
David Weintraub
qazwart@gmail.com
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
- application/octet-stream attachment: access.pl
Received on Thu Jun 23 05:26:05 2005