I'm testing how to set up a repository for BYU CocoaHeads [http://cocoaheads.byu.edu
] for a group of coders who want to publicly share code. We want
public (anonymous) read access, but wish to restrict write access to a
pool of authorized users so the repository doesn't become polluted by
members who don't know what they're doing, or worse, but malicious
outsiders. Our site is run using Drupal 6, and I've been working on
getting mod_auth_mysql to tie into the existing database, such that
usernames and passwords synchronize automatically, since Drupal has a
nice interface for creating/changing them. As far as I can tell, the
setup is (mostly) correct, but I'm seeing odd problems.
My test setup can be viewed in a browser or checked out from this URL:
The repository is publicly viewable, but it seems that the
restrictions I (think I) have described are not working correctly. I'm
fairly certain that these problems are linked—namely, that the lack of
restricting write access is allowing anonymous commits, so I get (no
author) in my repository.
I've configured the module parameters according to how Drupal stores
data. My httpd.conf file includes the following (with the appropriate
database, username, and password):
SVNReposName "CocoaHeads SVN Repository"
AuthName "CocoaHeads SVN Repository"
AuthMySQLUserTable "users, users_roles"
# Restrict write access only
<LimitExcept GET PROPFIND OPTIONS REPORT>
AuthMySQLUserCondition "users.uid = users_roles.uid AND
users_roles.rid IN (3,4)" # Site Managers and Administrators
I'm not an Apache expert by any stretch of the imagination, and my
understanding of how exactly Apache handles SVN actions (e.g.
PROPFIND, CHECKOUT, MERGE, etc.) is very weak. Any help in getting
this resolved would be much appreciated. I can provide Apache logs as
requested. Specifically, where would I find information about
authentication/authorization, what the difference is in terms of SVN
activity, logs of such activity, etc. would be awesome. I realize it's
a lot to ask, and I don't expect an essay in response—even links to
help explain would be very useful.
Thanks in advance,
Received on 2008-08-21 06:25:25 CEST
- application/pkcs7-signature attachment: smime.p7s