[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: SVN tag directory and read-only

From: John Stile <johns_at_meyersound.com>
Date: 2005-11-02 02:09:47 CET

On Tue, 2005-11-01 at 18:41 -0600, Joshua Varner wrote:
> On 11/1/05, Berlin Brown <berlin.brown@gmail.com> wrote:
> > How do you create a read-only directory and corresponding
> > sub-directories, for example a tagged directory.
> >
> Look at svnperms.py.
> http://svn.collab.net/repos/svn/trunk/tools/hook-scripts/svnperms.conf.example
> http://svn.collab.net/repos/svn/trunk/tools/hook-scripts/svnperms.py
>
> Permissions are not stored directly in the repos, but
> are enforced by the access mechanism or hook
> scripts.
>
> Josh
I use a pre-commit hook script to allow write-once to the /tags
directory. It also has a god clause if a modification needs to be made
to the tags directory. This isn't all my code, but I'll share. Not
sure if it's appropriate to paste it here. but it at least on-topic.
cat pre-commit

#!/bin/sh
########################
# repository
########################
REPOS="$1"
# Transaction
TXN="$2"
########################
#debug
########################
#transaction=`$SVNLOOK changed -t $TXN $REPO`
#echo "$transaction";
##########################
# user 'god' can do anything
##########################
# User=`svnlook author -t $TXN $REPOS`
# if ( $User == "god" ){ exit 0 }
#################################
# Log message contains some text.
#################################
SVNLOOK=/usr/bin/svnlook
$SVNLOOK log -t "$TXN" "$REPOS" | \
   grep "[a-zA-Z0-9]" > /dev/null || exit 1
########################
# Protect tags directory
########################
# Deny transaction if any line writes to tags directory that exists.
# tags dir match pattern
TAGS_REGEX='tags/[^/]\+'
# Get list of transactions in the 'tag' directory
TAGS_CHANGES=`"$SVNLOOK" changed -t "$TXN" "$REPOS" 2>/dev/null | \
                 awk '{ print $2; }' 2>/dev/null | \
                 grep ^tags/ 2>/dev/null | \
                 sed -e "s!^\($TAGS_REGEX\).*!\1!" | \
                 sort | \
                 uniq`
# Get head revision number
YOUNGEST=`svnlook youngest "$REPOS" 2>/dev/null`
# For every line in transaction,
# check to see if directory in tags exists
for CHANGE in $TAGS_CHANGES; do
  # If directory in tags exists, deny transaction
  if svnlook proplist -r $YOUNGEST "$REPOS" "$CHANGE" >/dev/null 2>&1 ;
then
    echo "Cannot modify existing tag: ${tag}" >&2
    exit 1
  fi
done
#######################
# Allow transaction
#######################
exit 0

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Wed Nov 2 02:11:09 2005

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.