You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@subversion.apache.org by Luis Rodrigo Gallardo Cruz <ro...@nul-unu.com> on 2007/12/01 20:24:55 UTC
[PATCH] [Issue 2662] authz with wildcards
On Tue, Nov 13, 2007 at 04:55:55PM -0600, Luis Rodrigo Gallardo Cruz wrote:
> I don't yet have something to show, but will post it as soon as I can.
Ok, here's my patch for this issue. There's still at least one problem
with it, but otherwise it's ready and in use in a client's site. The
patch was developed against 1.4.4 but this version is rebased against
trunk revision 28157
I've broken up the patch into 4 pieces to make it easier to understand
and review.
I believe there's no 'natural' way to resolve the conflicts created by
having several globs match a single path, thus we opted for using
"order of declaration" as precedence.
The first part of the patch, record-line-numbers.diff, makes the
config file mechanism record the starting line number of each section,
for use by the rest.
The second patch, non-recursive-wildcards.diff, handles matching
single paths against the globs. I have not tested how this interacts
with the new ~user and aliases syntaxes.
The third patch, recursive-repo-walk.diff, implements walking the repo
when recursive access is requested. *This patch modifies the API,*
because in order to let it walk the repo the callers of
svn_repos_authz_check_access need to provide a svn_fs_root_t*
My patch currently is passing the root for the youngest revision in
the repo. I'm not certain this is the best idea but can't think of a
scenario where it would actually matter.
And, svnserve doesn't work. Aparently I'm not passing the right root,
but I haven't really understood the code enough to tell.
The last part of the patch, wildcards-tests.diff, adds some simple
excercising of the code to the test suite.
The patch set compiles cleanly and the resulting code passes all of
the original test suite + my new tests.
I'll appreciate your reviews and comments.