subversion-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Sperling <s...@elego.de>
Subject Re: Access control client error messages very poor?
Date Fri, 16 Jul 2010 08:45:24 GMT
On Thu, Jul 15, 2010 at 11:47:48PM +0100, John Beranek wrote:
> Hello all,
> 
> I've just had a look through the mailing lists and the issue tracker for
> this topic, and not found it discussed before. So, I'll start in?
> 
> Is the current behaviour on performing SVN activities (with Neon RA)
> that violate access controls known to be bad?
> 
> Environment is:
> 
> Client SVN: 1.6.9 with ra_neon
> Server SVN: Either of 1.6.12 or 1.5.6
> 
> If a directory in a repository is open for read for a particular user,
> but closed for write, the following is the error message given to the
> user. It's hardly friendly, is it!?
> 
> svn: Commit failed (details follow):
> svn: Server sent unexpected return value (403 Forbidden) in response to
> CHECKOUT request for '/svn/sources/!svn/ver/43/Read/Only/Area/tags'
> svn: Your commit message was left in a temporary file:
> svn:    'svn-commit.tmp'
> 
> To me, the worst part of this is the "Server sent _unexpected_ return
> value". Why is "Forbidden" considered unexpected!? ra_neon is talking to
> a mod_dav_svn server, which allows access to the repository to be
> restricted - what's unexpected about that access being denied?
> 
> Equally, if a user tries to check out an area of the repository they
> don't have read access to, they get:
> 
> svn: Server sent unexpected return value (403 Forbidden) in response to
> OPTIONS request for 'http://svn.example.com/svn/svntest1/Private/Area'
> 
> Again, "Forbidden" is "unexpected".
> 
> Has no-one else reported this? Is it being worked on - anything?

Looks like this was improved in trunk ages ago, but not backported
to 1.6.x. Can you try patching a client with the diff below and let
us know if this fixes the problem?

Thanks,
Stefan 

$ svn log --diff -r 876615 https://svn.apache.org/repos/asf
------------------------------------------------------------------------
r876615 | jrvernooij | 2009-03-14 16:07:08 +0100 (Sat, 14 Mar 2009) | 6 lines

* subversion/libsvn_ra_neon/util.c(generate_error): Return
  SVN_ERR_RA_DAV_FORBIDDEN for 403 errors.

Approved by: rhuijben
             dlr


Index: subversion/trunk/subversion/libsvn_ra_neon/util.c
===================================================================
--- subversion/trunk/subversion/libsvn_ra_neon/util.c   (revision 876614)
+++ subversion/trunk/subversion/libsvn_ra_neon/util.c   (revision 876615)
@@ -546,6 +546,10 @@ generate_error(svn_ra_neon__request_t *req, apr_po
           return svn_error_create(SVN_ERR_FS_NOT_FOUND, NULL,
                                   apr_psprintf(pool, _("'%s' path not found"),
                                                req->url));
+        case 403:
+          return svn_error_create(SVN_ERR_RA_DAV_FORBIDDEN, NULL,
+                                  apr_psprintf(pool, _("access to '%s' forbidden"),
+                                               req->url));

         case 301:
         case 302:

------------------------------------------------------------------------
$



Mime
View raw message