ACLs vs tags

From: Udo Rader <listudo_at_bestsolution.at>
Date: Wed, 23 Sep 2009 09:59:32 +0200

Hi,

I am facing some troubles with a "conflict" between ACLs vs. allowing
users to create tags.

User connect via dav_svn, the AuthzSVNAccessFile looks similar like this:

------CUT------
adminUsers = fred,wilma

[/restricted/project]
foo = rw

[/]
* =
@adminUsers = rw
------CUT------

Now if the "foo" user wants to create a tag like this ...

------CUT------
svn copy https://svn.example.com/repos/restricted/project/trunk
https://svn.example.com/repos/restricted/project/tags/1.0 -m "creating
the 1.0 tag"
------CUT------

... I then get a "403 Forbidden" error, because the client tries to
access repos/:

------CUT------
[Wed Sep 23 09:42:37 2009] [error] [client 192.168.123.123] Access
denied: 'foo' PROPFIND repos:/
------CUT------

The only "workaround" I found so far is to make the entire repository
readable for the user.

So how can I allow user "foo" to create tags within the restricted
project without making the entire repository readable for him?

-- 
Udo Rader, CTO
http://www.bestsolution.at
http://riaschissl.blogspot.com
------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=2398761
To unsubscribe from this discussion, e-mail: [users-unsubscribe_at_subversion.tigris.org].

Received on 2009-09-23 10:01:10 CEST

This message: [ Message body ]
Next message: Zsolt Koppany: "Re: ACLs vs tags"
Previous message: Byron Hammond: "Perl 5.10 bindings for Subversion 1.6.5 on Win32"
Next in thread: Zsolt Koppany: "Re: ACLs vs tags"
Reply: Zsolt Koppany: "Re: ACLs vs tags"
Reply: Stefan Sperling: "Re: ACLs vs tags"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]