RE: how to add a group and exclude the group in path-based authorization?
From: Geir Engebakken <geir.engebakken_at_edb.com>
Date: Wed, 17 Jun 2009 10:44:14 +0200
Seems the access rules are a bit confusing, what I eventually ended up with was something like this :
[java:/]
[java:/business/path1]
[java:/business/somearea2]
I found that the notation ~group, sets accesses to all other users than members of the group, effectively giving them no access. I also found that all users needed r access to the root of the repos to be able to tag!
This scheme seems to work, but someone with the knowledge should write a more definite guide on these accesses, they are not easily understood!
(also I just noticed the ~notation by reading through the code to try and understand more of access rights, couldn't find it documented elsewhere)
Geir
Hi,
If I have two existing repos in my svn server that is already managed using path-based authorization. If I want to add a group and then restrict the group 's access to certain part of the repo1, then what should i do? I listed the exsiting contents of svnaccessfile.
I tried to put "@contractors = " in [/] section under "* = rw" but it will not work, why? I thought this is the right location since i would like to shut off all access for group contractors to all repos.
I tried to put "@contractors = " in a new section called [repo1:/], it works. Is this restriction only apply to local "section"? If i have 100 repos, then is that mean i have to do them all?
Thanks. A.
[groups]
admins = admin1, admin2
[/]
* = rw
[repo1:/src/branches]
* = r
------------------------------------------------------
To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_subversion.tigris.org].
|
This is an archived mail posted to the Subversion Users mailing list.
This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.