You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@subversion.apache.org by Geoff Swan <gs...@bigpond.net.au> on 2010/02/05 01:30:21 UTC

How to setup an update-only sandbox

I have some test servers which have web applications as sandboxes on
them from our Linux repository server.

These sandboxes are used by multiple developers to test new and updated
code and are updated by the developers using their passphrase protected
client certs through apache on the reporistory server.
However I would like to prevent a commit from being performed from these
test server sandboxes back into the repository.

I haven't managed to find any documentation about doing this, so I'm not
even sure it is possible.
This is not user-access restrictions, it is a restriction on a sandbox
for all users.

Any suggestions appreciated.

Re: How to setup an update-only sandbox

Posted by "C. Michael Pilato" <cm...@collab.net>.

Geoff Swan wrote:
> I have some test servers which have web applications as sandboxes on
> them from our Linux repository server.
> 
> These sandboxes are used by multiple developers to test new and updated
> code and are updated by the developers using their passphrase protected
> client certs through apache on the reporistory server.
> However I would like to prevent a commit from being performed from these
> test server sandboxes back into the repository.
> 
> I haven't managed to find any documentation about doing this, so I'm not
> even sure it is possible.
> This is not user-access restrictions, it is a restriction on a sandbox
> for all users.
> 
> Any suggestions appreciated.

What about using Apache directives to limit the non-read HTTP methods to IP
addresses which aren't the test servers?

I don't know offhand the specific configury, but I'm imagining something
like the following:

   <Location /blahblah>   # This is your Subversion location block
      DAV svn
      ...

      <LimitExcept GET REPORT PROPFIND OPTIONS>
         Order allow,deny
         Allow from all
         Deny from testserver1
         Deny from testserver2
         ...
      </LimitExcept>
   </Location>

Would this work?

-- 
C. Michael Pilato <cm...@collab.net>
CollabNet   <>   www.collab.net   <>   Distributed Development On Demand