hi nico...
your solution essentially needs to rewrite the svn user/file access rights
file each time a user's ability/need to access a file changes.. this could
get to be a pretty big hit depending on how the workflow process is setup,
how many times a file changes as it moves between the workflow phases, as
well as the number of times a given user's access rights change...
which is why i was interested in knowing if anyone had managed to hook up a
db for both the SVN server access rights, as well as the SVN Client
access...
thanks
-bruce
-----Original Message-----
From: Nico Kadel-Garcia [mailto:nkadel@comcast.net]
Sent: Monday, June 19, 2006 7:40 PM
To: Joerg Hessdoerfer; users@subversion.tigris.org;
bedouglas@earthlink.net
Subject: Re: User File Access from Mysql DB...
----- Original Message -----
From: "Joerg Hessdoerfer" <Joerg.Hessdoerfer@sea-gmbh.com>
To: <users@subversion.tigris.org>; <bedouglas@earthlink.net>
Sent: Monday, June 19, 2006 1:13 PM
Subject: Re: User File Access from Mysql DB...
> Hi,
>
> On Monday 19 June 2006 15:25, bruce wrote:
>> hi...
>>
>> i'm considering Subversion as a reopistory, but i need the ability to
>> implement the SVN system in a workflow kind of application. this requires
>> that as a file goes from one part of the process to another, the user
>> assigned to that part of the process will have access to only the files
>> in
>> that part of the process...
>>
>> i also need to accommodate the fact that users can/might be switched to
>> different parts of the process.
>>
>> i've considered keeping all this information in a mysql db, and then
>> somehow writing out the subversion user access file whenever a change is
>> made to the overall access system... this seems to be a good chunk of
>> development, and i'm not sure if it's the right thing to do..
>>
>> i've also considered the possibility of having to rewrite subversion to
>> have it get the user file access rights information from a database.. but
>> i'm not sure if this is the best approach...
>>
>> any thoughts/ideas/comments from people who are really familiar with
>> subversion? has anyone else run into this kind of need...
>>
>> the issue basically boils down to how you can use subversion in a system
>> where the users and files are dynamically changing...
>>
> [...]
>
> well, the first thought that came to mind is a small database holding the
> user/file access rights, and a small (web-based?) app to manage those. If
> SVN
> is served by apache (or newer svnserve, 1.3.X if memory serves?), you can
> then create per-URL access files to be directly used by SVN (see
>
http://svnbook.red-bean.com/nightly/en/svn.serverconfig.httpd.html#svn.serve
rconfig.httpd.authz.perdir).
> I use a scenario like this with apache, and it works fine. I also use
> PostgreSQL as database, and write the ACL file with python using a
> post-update/insert/delete database trigger.
>
> Then there is no need to interface the auth mechanism to anything else.
Too complex. Take a good close look at svnaccess.pl and the matching
svnconfig file in the contribs directory of the Subversion source tree. By
simply setting appropriate privileges for specific users for directories
with specific names, you can restrict their read, create, delete, and modify
permissions separately. This allows you to create "tags" that are stable
until the site administrator moves or deletes them, or to restrict write
access in other clever ways. And correctly implemented, the permissions will
apply both to local users, svnserve users, and HTTP users.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Tue Jun 20 13:03:27 2006