subversion-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Branko ─îibej <br...@apache.org>
Subject Re: svn 1.10: mod_authz no longer combines ACL entries
Date Wed, 04 Jul 2018 11:34:04 GMT
On 04.07.2018 13:25, Michael Ruder wrote:
> Hi,
>
> we used up to and including svn 1.9 an authz file of the format
>
> [groups]
> company = user1, user2, user3
> customer = customer1, customer2
>
> # company can read-write on everything
> [/]
> @company = rw
>
> [project1:/]
> @customer = r
>
> [project2:/]
>
> This gave company full rights on both project1 and project2 and
> customer reading rights on project1. Now, with svn 1.10, company
> cannot access anything (customer can still read project 1). So
> apparently, only the ACLs in the most specific matching block are used
> and parent ACLs not at all.
>
> Even like this, within a single repository, this is the case:
>
> [project1:/]
> @company = rw
>
> [project1:/trunk/src]
> @customer = r
>
> It results, that in trunk/src and below ONLY customer can read,
> company has no rights.
>
> Is this really an intentional change? It results in our case in a huge
> amount of duplicated ACL entries and seems a rather drastic change
> regarding backwards compatibility.

This kind of change is probably not intentional. It does appear that we
need more test cases, though.

-- Brane


Mime
View raw message