We recently upgrade from 1.5.4 to 1.7.2 and saw a change in behavior
when it comes to filtering content for anonymous versus authenticated
access. The problem appears to be that even though a user has read
access to a specific folder svn commands such as list and checkout
ignore that folder if they are operating on a parent folder which has
anonymous access.
For example in the following two commands the first shows that the
folder public1 only contains file and public2. When I run the next list
command against private1, which does not have have anonymous access,
everything works as expected and I see that it contains a file. The root
of this repository is configured with anonymous read access.
$ svn list https://code-dev.doit.wisc.edu/svn/anon-test/public1/
file
public2/
$ svn list https://code-dev.doit.wisc.edu/svn/anon-test/public1/private1
file
This test repository is publicly accessible for others to test against.
Our svn_authz snippet and apache config snippet are also included below.
*
repository url:* https://code-dev.doit.wisc.edu/svn/anon-test/
*read-only account:* role_anon-test_svnusers - BS9Sn9tNKJWopWp6
*
AuthZ config*
[anon-test:/]
@group~anon-test~owners = rw
* = r
[anon-test:/public1/private1]
@group~anon-test~owners = rw
@group~anon-test~readers = r
* =
[groups]
group~anon-test~owners = dalquist
group~anon-test~readers = dalquist, role_anon-test_svnusers
*Repository Contents*
anon-test
|-- file
`-- public1
|-- file
|-- private1
| `-- file
`-- public2
`-- file
*Apache Config*
<Location /svn>
DAV svn
SVNParentPath /svn/repository
AuthzSVNAccessFile /svn/etc/svn-authz-policy
SVNPathAuthz short_circuit
AuthzSVNNoAuthWhenAnonymousAllowed Off
AuthType Basic
AuthName "Subversion Repository"
AuthUserFile /svn/etc/apache-passwd
# Try anonymous access first, resort to authn if necessary.
Satisfy Any
Require valid-user
</Location>
Received on 2012-01-06 19:20:03 CET