--- On Mon, 1/30/12, Stefan Sperling <stsp_at_elego.de> wrote:
> From: Stefan Sperling <stsp_at_elego.de>
> Subject: Re: Limited subdirectory access
> To: "K F" <cmkforce_at_yahoo.com>
> Cc: "Andy Levy" <andy.levy_at_gmail.com>, users_at_subversion.apache.org
> Date: Monday, January 30, 2012, 9:32 PM
> On Mon, Jan 30, 2012 at 01:14:53PM
> -0800, K F wrote:
> > --- On Mon, 1/30/12, Andy Levy <andy.levy_at_gmail.com>
> wrote:
> > > have it setup in the authz file now:
> > > > [/]
> > > > @dev = rw
> > > > @qa = r
> > > >
> > > > [/ABC/DEF]
> > > > @dev1 = rw
> > > >
> > > > Do I need to be more specific?
> > > >
> > >
> > > What exactly isn't working?
> > >
> > > Is dev1 a group, or an individual?
> > >
> > > Do you have the case of the path matched exactly?
> The rules
> > > are case-sensitive.
> > >
> >
> > I am able to commit with a login that is in the dev
> group that is not in the dev1 group.
> >
> > The actual path is /svnrepo/ABC/DEF so I tried
> >
> > [/svnrepo/sandbox/tags]
> > @dev1 = rw
> >
> > and that doesn't work either. Based on the example in
> the file I also tried
> >
> > [repository:/svnrepo/sandbox/tags]
> > @dev1 = rw
> >
> > with no luck. Any ideas as to what I am doing wrong?
>
> You'll need to tighten permissions for the 'dev' group in
> /ABC/DEF also.
> [/]
> @dev = rw
> @qa = r
>
> [/ABC/DEF]
> @dev = r
> @dev1 = rw
>
> See this snippet from
> http://svnbook.red-bean.com/en/1.7/svn.serverconfig.pathbasedauthz.html
> "Of course, permissions are inherited from parent to
> child directory.
> That means we can specify a subdirectory with a
> different access policy
> for Sally:
>
> [calc:/branches/calc/bug-142]
> harry = rw
> sally = r
>
> # give sally write access only to the 'testing'
> subdir
> [calc:/branches/calc/bug-142/testing]
> sally = rw
>
> Now Sally can write to the testing subdirectory of
> the branch, but can
> still only read other parts. Harry, meanwhile,
> continues to have
> complete read/write access to the whole branch."
>
> The same applies when restricting access, rather than
> expanding it.
>
I realize my explanation is wrong, my apologies. It is actually repo ABC with 40+ folders under it. I want to limit who has access to one of the folders (DEF). After looking at the svnbook, I thought the following would work but it is still not working:
[ABC:/DEF]
@dev = r
@dev1 = rw
Received on 2012-01-30 22:56:31 CET