[WebSVN] access control via authz on regular files


[WebSVN] access control via authz on regular files

by webpost

Hello,

I noticed when setting access for a normal file via authz websvn does not treat this setting correctly.

Example authz:
[some-repo:/some-file.txt]
foo =

Expected result:
websvn does not show this file and restricts read access for user "foo".

Actual result:
websvn shows the file and even its contents (on diff, blame and details page)

I went through the websvn source and tracked this problem down to line 62 in <includes/accessfile.php>. I think this issue exists since r376 but it has also effect until release 2.1.1.

In that line all authz sections are forced to have a trailing / which causes Authentication::hasReadAccess() to always return the default or parent access for files because "some-file.txt" is not "some-file.txt/" and so the authz rule does not match.

------------------------------------------------------
http://websvn.tigris.org/ds/viewMessage.do?dsForumId=1547&dsMessageId=2400250

To unsubscribe from this discussion, e-mail: [dev-unsubscribe@...].
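
The trailing-slash mismatch described in the report above, reduced to a stand-alone PHP sketch (an added example, not WebSVN's code and not part of the original post). The rule data is constructed, the repository prefix is omitted, and the function names, the canonical-path repair and the deny-when-nothing-matches default are assumptions of this example; it needs PHP 7.4 or later.

```php
<?php
// Added illustration, not WebSVN source. Constructed rules for one
// repository: section path => [user => rights], "" meaning no access.
$rules = [
    '/'              => ['*'   => 'r'],
    '/some-file.txt' => ['foo' => ''],
    '/private'       => ['foo' => ''],
];

// Flawed loader step: every section path is forced to end in "/".
$forceSlash = fn(string $p): string => rtrim($p, '/') . '/';
// Assumed repair: one canonical form, no trailing slash except the root.
$canonical = fn(string $p): string => rtrim($p, '/') === '' ? '/' : rtrim($p, '/');
// Request paths as the flawed lookup sees them: used unchanged.
$asGiven = fn(string $p): string => $p;

function loadSections(array $rules, callable $normalize): array {
    $sections = [];
    foreach ($rules as $path => $acl) {
        $sections[$normalize($path)] = $acl;
    }
    return $sections;
}

// Walk from the requested path towards the root. The first section that
// names the user (or "*") decides; no match anywhere means deny.
function hasReadAccess(array $sections, callable $normalize, string $user, string $path): bool {
    while (true) {
        $key = $normalize($path);
        foreach ([$user, '*'] as $who) {
            if (isset($sections[$key][$who])) {
                return strpos($sections[$key][$who], 'r') !== false;
            }
        }
        $trimmed = rtrim($path, '/');
        if ($trimmed === '' || $trimmed[0] !== '/') {
            return false; // reached the root, or the path was not absolute
        }
        $path = substr($trimmed, 0, strrpos($trimmed, '/') + 1); // parent, e.g. "/private/"
    }
}

$flawed = loadSections($rules, $forceSlash);
$fixed  = loadSections($rules, $canonical);
foreach ([['foo', '/some-file.txt'], ['foo', '/private/'], ['bar', '/some-file.txt']] as [$user, $path]) {
    printf("%-3s %-15s flawed=%-5s fixed=%s\n", $user, $path,
        var_export(hasReadAccess($flawed, $asGiven, $user, $path), true),
        var_export(hasReadAccess($fixed, $canonical, $user, $path), true));
}
```

The directory rule behaves the same in both columns, which is why a test suite that only covers directory sections would not catch the file case.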

Re: [WebSVN] access control via authz on regular files

by Dirk Thomas

Hello,

> I noticed when setting access for a normal file via authz websvn does not treat this setting correctly.
>
> Example authz:
> [some-repo:/some-file.txt]
> foo =
>
> Expected result:
> websvn does not show this file and restricts read access for user "foo".
>
> Actual result:
> websvn shows the file and even its contents (on diff, blame and details page)
>
> I went through the websvn source and tracked this problem down to line 62 in <includes/accessfile.php>. I think this issue exists since r376 but it has also effect until release 2.1.1.
>
> In that line all authz sections are forced to have a trailing / which causes Authentication::hasReadAccess() to always return the default or parent access for files because "some-file.txt" is not "some-file.txt/" and so the authz rule does not match.

I have just fixed that issue in the latest revision in SVN trunk.
Could you please check this out and test if it works for you now as desired?

Thank you
Dirk

------------------------------------------------------
http://websvn.tigris.org/ds/viewMessage.do?dsForumId=1547&dsMessageId=2415937

Re: [WebSVN] access control via authz on regular files

by Quinn Taylor

Sorry for the delayed response. Can you check whether this now works as expected? I resolved an issue with empty auth groups, and I'm wondering whether this is still a problem.

Thanks,
  - Quinn

On Sep 25, 2009, at 6:59 AM, webpost@... wrote:

> Hello,
>
> I noticed when setting access for a normal file via authz websvn does not treat this setting correctly.
>
> Example authz:
> [some-repo:/some-file.txt]
> foo =
>
> Expected result:
> websvn does not show this file and restricts read access for user "foo".
>
> Actual result:
> websvn shows the file and even its contents (on diff, blame and details page)
>
> I went through the websvn source and tracked this problem down to line 62 in <includes/accessfile.php>. I think this issue exists since r376 but it has also effect until release 2.1.1.
>
> In that line all authz sections are forced to have a trailing / which causes Authentication::hasReadAccess() to always return the default or parent access for files because "some-file.txt" is not "some-file.txt/" and so the authz rule does not match.
>
> ------------------------------------------------------
> http://websvn.tigris.org/ds/viewMessage.do?dsForumId=1547&dsMessageId=2400250
>
> To unsubscribe from this discussion, e-mail: [dev-unsubscribe@...].
------------------------------------------------------
http://websvn.tigris.org/ds/viewMessage.do?dsForumId=1547&dsMessageId=2427140