Unexpected behavior with path-based permissions
Date: Wed, 29 May 2019 09:03:00 +0000 (UTC)
We have a layout of
And to prevent that someone accidentally deletes the trunk or branches or adds branches in the root of "project1", we have this in our access file ("admins" is a group containing only a few users):
@members = r
@members = rw
The latter so that people can create new directories under "/project1/branches/", but I did not think that would give them permission to delete "/project1/branches", which is exactly what someone managed to do. Is this expected behavior based on the above configuration? I thought that the "r" setting for "project1" would mean that a write that deletes a file/directory immediately under that one would be disallowed. We have verified that no one can add a file directly under /project1/ so then I can only think that the rw on /project1/branches allows delete of that directory while I thought that it would only allow rw below that one (i.e. branches/*)
If this is expected behavior, how can I differentiate permission between "project1/branches" and "project1/branches/*"? That is, I want to prevent anyone from deleting "branches", but I want to allow them to add filer under "branches/"
This is an archived mail posted to the Subversion Users mailing list.