You are viewing a plain text version of this content. The canonical link for it is here.
Posted to infrastructure-issues@apache.org by "Paul Joseph Davis (JIRA)" <ji...@apache.org> on 2010/12/06 00:00:10 UTC
[jira] Updated: (INFRA-3160) Hook: Authorization
[ https://issues.apache.org/jira/browse/INFRA-3160?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Paul Joseph Davis updated INFRA-3160:
-------------------------------------
Attachment: pre-receive
Implemented a check against the svn authz file for group permissions on the repository that's being edited.
This hard codes a relative path for the asf-authorization file to be one level above the repos directory which currently works out to be /usr/local/www/tyr.zones.apache.org/. There's also no cron script to automatically refresh the asf-authorization file.
> Hook: Authorization
> -------------------
>
> Key: INFRA-3160
> URL: https://issues.apache.org/jira/browse/INFRA-3160
> Project: Infrastructure
> Issue Type: New Feature
> Security Level: public(Regular issues)
> Components: Git
> Reporter: Paul Querna
> Priority: Trivial
> Attachments: pre-receive
>
>
> Task: Using a pre-receive hook, restrict the user to only write to a repository that they have group write access to.
> Groups are defined in LDAP, but we generally use a static file that is updated after ldap automatically, and it has been suggested that we re-use the svn authz file.
> If not using svn authz file format, write a script that exports to a file format usable by the hook, in addition to the hook script itself.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.