New to Path-based authorization ...

We are no longer able to avoid the need for path-based authorization to our repository.

Basic problem: Enable r/w access to the entire repository, but restrict write access to a few selected sub-directories deep in the directory hierarchy.

A simplified example--given the following directory:

/svn
    /projectA
    /projectB
    /projectC (restricted project - powerusers only)
    /projectD

I'd like to grant r/w access to the entire directory tree, except selected groups. In my .conf file, I tried the following:

[groups]
users = user1, user2, user3
powerusers = user4, user5

[/svn]
@users = rw
@powerusers = rw

[/svn/projectC]
@users = r
@powerusers = rw

Doesn't work as expected. @users are able to commit to /svn/projectC.

How do I create a Subversion configuration file that allows r/w access by default, but restricts access 'selectively' for specified sub-directories. In our 'real' repository, there are 100's / 1000's of directories. I would like to avoid having to 'explicitly' indicate which directories are 'accessible', but instead, 'explicitly' indicate which directories are 'not accessible' to selected users.

Thanks,

Ken Parrish
Gomez, Inc.

------------------------------------------------------
http://subversion.tigris.org/ds/viewMessage.do?dsForumId=1065&dsMessageId=2423556

Please start new threads on the <users_at_subversion.apache.org> mailing list.
To subscribe to the new list, send an empty e-mail to <users-subscribe_at_subversion.apache.org>.
Received on 2009-11-23 21:23:06 CET