[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Making tags write-once in Subversion 1.3.x, solved

From: Tony Morris <tmorris_at_tmorris.net>
Date: 2006-04-09 00:37:13 CEST

Nico Kadel-Garcia wrote:
> I'd previously asked if there was a good way to make tags
> "write-once", to prevent people editing tags after their creation.
> Various people sent pointers to tools and guidelines that all boiled
> down to "only let authorized users write to tags". This is not what I
> was looking for.
>
> However, the svnperms.py and svnperms.conf tools in the current
> distributions do *precisely* what I wanted. They allow me to use a
> pre-commit to set tags with "add" permissions for everyone, "delete"
> permissions for a manager, and no "update" permissions for anyone to
> prevent people accidentally stepping on locked down tags. I really
> approve of this!
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
> For additional commands, e-mail: users-help@subversion.tigris.org
>
>
I may be out of line, but I've always wondered why you need hooks to do
this. Specifically, why does mod_authz abstract the operations on a
directory only to read/write? For example, I cannot use my authorization
policy to allow a user to "add" but not "delete". It seems that there
should at least be granularity of the usual CRUD operations
(Create/Read/Update/Delete) instead of rolling the CUD into one "write".
I assume that these then map to WebDAV operations, which some might
argue, is the appropriate level of granularity. I'd at least settle for
CRUD instead of just rw.

-- 
Tony Morris
http://tmorris.net/
s/Commonwealth Games/Commonwealth Swimming
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Sun Apr 9 00:38:29 2006

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.