You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@subversion.apache.org by sv...@apache.org on 2019/03/06 04:00:22 UTC
svn commit: r1854887 - in /subversion/branches/1.11.x: ./ STATUS
subversion/libsvn_repos/authz_parse.c
subversion/tests/cmdline/svnauthz_tests.py
Author: svn-role
Date: Wed Mar 6 04:00:22 2019
New Revision: 1854887
URL: http://svn.apache.org/viewvc?rev=1854887&view=rev
Log:
Merge the r1851676 group from trunk:
* r1851676, r1851687, r1851791
Allow the use of empty groups in authz rules.
Justification:
Fixes regression from 1.9.x. Does not affect authz file semantics.
Notes:
- r1851676 adds a regression test.
- r1851687 fixes the bug and extends the test.
- r1851791 refers to issue #4802.
Votes:
+1: brane, julianfoad, stsp
Modified:
subversion/branches/1.11.x/ (props changed)
subversion/branches/1.11.x/STATUS
subversion/branches/1.11.x/subversion/libsvn_repos/authz_parse.c
subversion/branches/1.11.x/subversion/tests/cmdline/svnauthz_tests.py
Propchange: subversion/branches/1.11.x/
------------------------------------------------------------------------------
--- svn:mergeinfo (original)
+++ svn:mergeinfo Wed Mar 6 04:00:22 2019
@@ -100,4 +100,4 @@
/subversion/branches/verify-at-commit:1462039-1462408
/subversion/branches/verify-keep-going:1439280-1546110
/subversion/branches/wc-collate-path:1402685-1480384
-/subversion/trunk:1840990-1840991,1840995,1840997,1841059,1841079,1841091,1841098,1841136,1841180,1841272,1841481,1841524-1841525,1841567,1841600-1841602,1841606,1841719,1841725,1841731,1841736,1841742-1841743,1841753-1841754,1841822,1841850,1841867,1842090,1842222-1842223,1842334,1842814,1842827,1842829,1842877,1843888,1844882,1844987,1845204,1845261,1845408,1845555-1845556,1845559,1845577,1846299,1846403,1846406,1846704,1847181-1847182,1847188,1847264,1847377,1847572,1847596,1847598,1847697,1847922,1847924,1847946,1850348,1850621
+/subversion/trunk:1840990-1840991,1840995,1840997,1841059,1841079,1841091,1841098,1841136,1841180,1841272,1841481,1841524-1841525,1841567,1841600-1841602,1841606,1841719,1841725,1841731,1841736,1841742-1841743,1841753-1841754,1841822,1841850,1841867,1842090,1842222-1842223,1842334,1842814,1842827,1842829,1842877,1843888,1844882,1844987,1845204,1845261,1845408,1845555-1845556,1845559,1845577,1846299,1846403,1846406,1846704,1847181-1847182,1847188,1847264,1847377,1847572,1847596,1847598,1847697,1847922,1847924,1847946,1850348,1850621,1851676,1851687,1851791
Modified: subversion/branches/1.11.x/STATUS
URL: http://svn.apache.org/viewvc/subversion/branches/1.11.x/STATUS?rev=1854887&r1=1854886&r2=1854887&view=diff
==============================================================================
--- subversion/branches/1.11.x/STATUS (original)
+++ subversion/branches/1.11.x/STATUS Wed Mar 6 04:00:22 2019
@@ -93,17 +93,6 @@ Veto-blocked changes:
Approved changes:
=================
- * r1851676, r1851687, r1851791
- Allow the use of empty groups in authz rules.
- Justification:
- Fixes regression from 1.9.x. Does not affect authz file semantics.
- Notes:
- - r1851676 adds a regression test.
- - r1851687 fixes the bug and extends the test.
- - r1851791 refers to issue #4802.
- Votes:
- +1: brane, julianfoad, stsp
-
* r1853761
Fix an "unused static function" warning in non-maintainer mode builds.
Justification:
Modified: subversion/branches/1.11.x/subversion/libsvn_repos/authz_parse.c
URL: http://svn.apache.org/viewvc/subversion/branches/1.11.x/subversion/libsvn_repos/authz_parse.c?rev=1854887&r1=1854886&r2=1854887&view=diff
==============================================================================
--- subversion/branches/1.11.x/subversion/libsvn_repos/authz_parse.c (original)
+++ subversion/branches/1.11.x/subversion/libsvn_repos/authz_parse.c Wed Mar 6 04:00:22 2019
@@ -1011,7 +1011,8 @@ close_section(void *baton, svn_stringbuf
/* Add a user to GROUP.
- GROUP is never internalized, but USER always is. */
+ GROUP is never internalized, but USER always is.
+ Adding a NULL user will create an empty group, if it doesn't exist. */
static void
add_to_group(ctor_baton_t *cb, const char *group, const char *user)
{
@@ -1022,7 +1023,8 @@ add_to_group(ctor_baton_t *cb, const cha
members = svn_hash__make(cb->authz->pool);
svn_hash_sets(cb->expanded_groups, group, members);
}
- svn_hash_sets(members, user, interned_empty_string);
+ if (user)
+ svn_hash_sets(members, user, interned_empty_string);
}
@@ -1038,8 +1040,15 @@ expand_group_callback(void *baton,
ctor_baton_t *const cb = baton;
const char *const group = key;
apr_array_header_t *members = value;
-
int i;
+
+ if (0 == members->nelts)
+ {
+ /* Create the group with no members. */
+ add_to_group(cb, group, NULL);
+ return SVN_NO_ERROR;
+ }
+
for (i = 0; i < members->nelts; ++i)
{
const char *member = APR_ARRAY_IDX(members, i, const char*);
@@ -1169,10 +1178,18 @@ array_insert_ace(void *baton,
SVN_ERR_ASSERT(ace->members == NULL);
ace->members = svn_hash_gets(iab->cb->expanded_groups, ace->name);
if (!ace->members)
- return svn_error_createf(
- SVN_ERR_AUTHZ_INVALID_CONFIG, NULL,
- _("Access entry refers to undefined group '%s'"),
- ace->name);
+ {
+ return svn_error_createf(
+ SVN_ERR_AUTHZ_INVALID_CONFIG, NULL,
+ _("Access entry refers to undefined group '%s'"),
+ ace->name);
+ }
+ else if (0 == apr_hash_count(ace->members))
+ {
+ /* TODO: Somehow emit a warning about the use of an empty group. */
+ /* An ACE for an empty group has no effect, so ignore it. */
+ return SVN_NO_ERROR;
+ }
}
APR_ARRAY_PUSH(iab->ace_array, authz_ace_t) = *ace;
Modified: subversion/branches/1.11.x/subversion/tests/cmdline/svnauthz_tests.py
URL: http://svn.apache.org/viewvc/subversion/branches/1.11.x/subversion/tests/cmdline/svnauthz_tests.py?rev=1854887&r1=1854886&r2=1854887&view=diff
==============================================================================
--- subversion/branches/1.11.x/subversion/tests/cmdline/svnauthz_tests.py (original)
+++ subversion/branches/1.11.x/subversion/tests/cmdline/svnauthz_tests.py Wed Mar 6 04:00:22 2019
@@ -965,6 +965,33 @@ def svnauthz_inverted_selector_test(sbox
os.remove(authz_path)
+@Issue(4802)
+def svnauthz_empty_group_test(sbox):
+ "test empty group definition"
+
+ # build an authz file
+ authz_content = ("[groups]\n"
+ "group1 =\n"
+ "group2 = @group1\n"
+ "group3 = @group2, user\n"
+
+
+ "[A:/]\n"
+ "@group1 = rw\n"
+ "@group2 = rw\n"
+ "@group3 = r\n")
+
+ (authz_fd, authz_path) = tempfile.mkstemp()
+ svntest.main.file_write(authz_path, authz_content)
+
+ svntest.actions.run_and_verify_svnauthz(
+ [], None, 0, False, 'validate', authz_path)
+
+ svntest.actions.run_and_verify_svnauthz(
+ 'r', None, 0, False, 'accessof',
+ '--repository', 'A', '--username', 'user', authz_path)
+
+
########################################################################
# Run the tests
@@ -984,6 +1011,7 @@ test_list = [ None,
svnauthz_compat_mode_file_test,
svnauthz_compat_mode_repo_test,
svnauthz_inverted_selector_test,
+ svnauthz_empty_group_test,
]
if __name__ == '__main__':