[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Limited subdirectory access

From: K F <cmkforce_at_yahoo.com>
Date: Mon, 30 Jan 2012 13:55:56 -0800 (PST)

--- On Mon, 1/30/12, Stefan Sperling <stsp_at_elego.de> wrote:

> From: Stefan Sperling <stsp_at_elego.de>
> Subject: Re: Limited subdirectory access
> To: "K F" <cmkforce_at_yahoo.com>
> Cc: "Andy Levy" <andy.levy_at_gmail.com>, users_at_subversion.apache.org
> Date: Monday, January 30, 2012, 9:32 PM
> On Mon, Jan 30, 2012 at 01:14:53PM
> -0800, K F wrote:
> > --- On Mon, 1/30/12, Andy Levy <andy.levy_at_gmail.com>
> wrote:
> > > have it setup in the authz file now:
> > > > [/]
> > > > @dev = rw
> > > > @qa = r
> > > >
> > > > [/ABC/DEF]
> > > > @dev1 = rw
> > > >
> > > > Do I need to be more specific?
> > > >
> > >
> > > What exactly isn't working?
> > >
> > > Is dev1 a group, or an individual?
> > >
> > > Do you have the case of the path matched exactly?
> The rules
> > > are case-sensitive.
> > >
> >
> > I am able to commit with a login that is in the dev
> group that is not in the dev1 group.
> >
> > The actual path is /svnrepo/ABC/DEF so I tried
> >
> > [/svnrepo/sandbox/tags]
> > @dev1 = rw
> >
> > and that doesn't work either. Based on the example in
> the file I also tried
> >
> > [repository:/svnrepo/sandbox/tags]
> > @dev1 = rw
> >
> > with no luck. Any ideas as to what I am doing wrong?
>
> You'll need to tighten permissions for the 'dev' group in
> /ABC/DEF also.
> [/]
> @dev = rw
> @qa = r
>
> [/ABC/DEF]
> @dev = r     
> @dev1 = rw
>
> See this snippet from
> http://svnbook.red-bean.com/en/1.7/svn.serverconfig.pathbasedauthz.html
>   "Of course, permissions are inherited from parent to
> child directory.
>   That means we can specify a subdirectory with a
> different access policy
>   for Sally:
>  
>   [calc:/branches/calc/bug-142]
>   harry = rw
>   sally = r
>  
>   # give sally write access only to the 'testing'
> subdir
>   [calc:/branches/calc/bug-142/testing]
>   sally = rw
>  
>   Now Sally can write to the testing subdirectory of
> the branch, but can
>   still only read other parts. Harry, meanwhile,
> continues to have
>   complete read/write access to the whole branch."
>
> The same applies when restricting access, rather than
> expanding it.
>

I realize my explanation is wrong, my apologies. It is actually repo ABC with 40+ folders under it. I want to limit who has access to one of the folders (DEF). After looking at the svnbook, I thought the following would work but it is still not working:

[ABC:/DEF]
@dev = r
@dev1 = rw
Received on 2012-01-30 22:56:31 CET

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.