[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

RE: Mimicking mvn_authz_svn with svnauthz(1)

From: Osipov, Michael <michael.osipov_at_siemens.com>
Date: Tue, 5 Apr 2016 08:28:35 +0000

> Osipov, Michael wrote on Fri, Apr 01, 2016 at 08:00:56 +0000:
> > Hi folks,
> >
> > I am trying to figure out how I can effectively mimic the behavior of
> > mod_authz_svn with svnauth(1). I do have a small, read-only PHP
> > application which shall browse a repo just like mod_dav_svn does with
> > the same authz. While calling svnauthz(1) works well, I am not
> > certain when I should use '--recursive' or not. Looking at
> > mod_authz_svn.c for the switch case with r->method_number, I do see
> > that it is only necessary for COPY, MOVE, DELETE and default.
> > In terms of read-only access, I don't need recursive checks.
> >
> > Is that correct?
> >
>
> That depends on what your app does. For example, if you provide an interface to
> 'ls -R' and the authz file has
>
> [/foo]
> * = r
> [/foo/secret]
> * =
> @secret = r
>
> , then children of /foo/secret should be excluded from the listing, but a non-
> recursive 'r' answer on '/foo' doesn't convey that information.

It traverses only immediate children only. The only usecase for recursive traversal is
that my script offers to create a tarball from a tree which means it needs to check
recursively of course.

I still would like to have a statement about the behavior in mod_authz_svn.c

Michael
Received on 2016-04-05 10:28:51 CEST

This is an archived mail posted to the Subversion Users mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.