Re: authz: what has precidence when user is multiply referenced for a particular path?

Quoting "B. Smith-Mannschott" <benpsm@gmail.com>:

> Respectfully, no, ... it isn't.
>
> [paint:/projects/paint]
> @paint-developers = rw
> jane = r
>
> Since "jane" is also a member of paint-developers, does she have
> read-only or read-write permssion? Which takes precidence? The more
> permissive? The more restrictive? The first? The last? This should
> be clarified.

Hi Ben,

I think you're right in that it should be clarified.

If you like to have more detailed information on some topics, you can look at
the python tests of authorization. They're not complete yet, but we're working
on that:
http://svn.collab.net/repos/svn/trunk/subversion/tests/cmdline/authz_tests.py

To answer your specific question, I found that once you grant the user a right
(@paint-developers=rw), you can't remove that right on the next line(jane=r).
In fact, subversion just parses the first line, sees that you jane has rw
rights through the paint-developers group and just stops parsing.

Hope this helps,

Lieven.

----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Fri May 19 13:34:08 2006