You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@subversion.apache.org by st...@apache.org on 2016/06/12 17:39:21 UTC

svn commit: r1748029 - /subversion/branches/authzperf/subversion/libsvn_repos/authz.c

Author: stefan2
Date: Sun Jun 12 17:39:20 2016
New Revision: 1748029

URL: http://svn.apache.org/viewvc?rev=1748029&view=rev
Log:
On the authzperf branch:  Resolve global and repo-specific rules for the
same paths just like rule conflicts within those sets - the last one wins. 

This is relevant because the authz structure contains a default rule for
[/] (sequence number 0) that denies all access.  The parser already takes
care of rejecting the "real" conflicting definitions where the same path
shows up in multiple rules.

* subversion/libsvn_repos/authz.c
  (insert_path): Multiple rules for the same path are not a fault per se.
                 Use our standard arbiter rules to pick the right one.

Modified:
    subversion/branches/authzperf/subversion/libsvn_repos/authz.c

Modified: subversion/branches/authzperf/subversion/libsvn_repos/authz.c
URL: http://svn.apache.org/viewvc/subversion/branches/authzperf/subversion/libsvn_repos/authz.c?rev=1748029&r1=1748028&r2=1748029&view=diff
==============================================================================
--- subversion/branches/authzperf/subversion/libsvn_repos/authz.c (original)
+++ subversion/branches/authzperf/subversion/libsvn_repos/authz.c Sun Jun 12 17:39:20 2016
@@ -341,12 +341,15 @@ insert_path(construction_context_t *ctx,
   /* End of path? */
   if (segment_count == 0)
     {
-      /* Set access rights.  Since we call this function once per authz
-       * config file section, there cannot be multiple paths having the
-       * same leave node.  Hence, access gets never overwritten.
+      /* Set access rights.  Note that there might be multiple rules for
+       * the same path due to non-repo-specific rules vs. repo-specific
+       * ones.  Whichever gets defined last wins.
        */
-      SVN_ERR_ASSERT_NO_RETURN(!has_local_rule(&node->rights));
-      node->rights.access = *access;
+      limited_rights_t rights;
+      rights.access = *access;
+	  rights.max_rights = access->rights;
+	  rights.min_rights = access->rights;
+      combine_access(&node->rights, &rights);
       return;
     }