开发者

SVN's authz and folder renaming

Say I want to prevent certain users form accessing certain folders in my SVN repo. I just do:

[/]
* = rw

[/NewSecretFolder]
* = rw
some_poor_sap = 

But what if that folder was renamed from SecretFolder to NewSecretFolder? Will user some_poor_sap be able to access the h开发者_StackOverflowistory for /SecretFolder?


Yes, he will be able then. You need to do

[/]
* =

And then allow access to required users where needed. This is how I do that.


The authz file authorization mechanism is entirely path based and ignores the different names an object may have at other revisions. So when you access the repository at a certain revision, the authorizations will be applied according to the folder names at that revision.

So when I have these authorizations:

[/]
* = r

[/MyProject]
* = 
devs = rw

And I rename the project to MyRenamedProject, then I change the authorizations like this:

[/]
* = r

[/MyProject]
* = 
devs = r

[/MyNewProject]
* = 
devs = rw

Here I kept the old project path in the authz file and granted read access to ensure that the devs can always still read the history of the project from before the rename.

Also note that we always grant at least read-access to the root and then take it away again with a * = in the project authorizations, to work around the strange svn copy issues. I suspect this is only relevant if you're using apache to host SVN.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜