You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@subversion.apache.org by ha...@apache.org on 2020/12/20 16:33:03 UTC
svn commit: r1884647 - /subversion/site/staging/docs/release-notes/1.14.html
Author: hartmannathan
Date: Sun Dec 20 16:33:03 2020
New Revision: 1884647
URL: http://svn.apache.org/viewvc?rev=1884647&view=rev
Log:
In 'staging': 1.14 release notes: Document issue #4762 fixed in r1882326
* docs/release-notes/1.14.html:
(compat-misc-authz): New subsection of "Compatibility Concerns" to document
changed behavior of authz following fix for issue #4762.
(issues-authz-4762) New subsection: Document r1882326, merged to 1.14.x
branch in r1884590, awaiting release in 1.14.1.
Modified:
subversion/site/staging/docs/release-notes/1.14.html
Modified: subversion/site/staging/docs/release-notes/1.14.html
URL: http://svn.apache.org/viewvc/subversion/site/staging/docs/release-notes/1.14.html?rev=1884647&r1=1884646&r2=1884647&view=diff
==============================================================================
--- subversion/site/staging/docs/release-notes/1.14.html (original)
+++ subversion/site/staging/docs/release-notes/1.14.html Sun Dec 20 16:33:03 2020
@@ -208,7 +208,6 @@ an existing working copy.</p>
</div> <!-- compatibility-shelving -->
-<!-- (This section only makes sense when there are some issues listed in it.)
<div class="h3" id="compat-misc">
<h3>Miscellaneous Compatibility Notes
<a class="sectionlink" href="#compat-misc"
@@ -219,8 +218,42 @@ an existing working copy.</p>
release might necessitate further adjustment by administrators or
users. We'll cover those in this section.</p>
-</div> <!- - compat-misc - ->
--->
+<div class="h4" id="compat-misc-authz">
+<h4>Path-based authorization compatibility
+ <a class="sectionlink" href="#compat-misc-authz"
+ title="Link to this section">¶</a>
+</h4>
+
+<p>A fix for <a href="https://issues.apache.org/jira/browse/SVN-4762?issueNumber=4762"
+>Issue #4762</a> may change the way path-based authorization rules are applied
+in some circumstances.</p>
+
+<p>Background: Subversion 1.10 introduced a new implementation of path-based
+authorization (authz) to deliver wildcard support and improved performance
+over that of Subversion 1.9 and earlier. From Subversion 1.10 through 1.14.0,
+the new implementation did not correctly combine global rules with repository
+rules: if a global rule and a per-repository rule were both present for a
+path, the global rule would be ignored and the per-repository rule would
+apply by itself. As a result, from Subversion 1.10 through 1.14.0, it was not
+possible to override per-path access rules for specific users (or groups) at
+the global level.</p>
+
+<p>This issue is fixed in 1.14.1, making it possible once again to override
+per-path access rules for specific users (and groups) at the global level.
+Such global rules are overridden by repository-specific rules only if
+both the user and the path match the repository-specific rule.</p>
+
+<p class="todo">TODO: Show examples of authz syntax and explain how they are
+interpreted before and after the fix.</p>
+
+<p>Administrators whose authz rules rely on the incorrect behavior in 1.10
+through 1.14.0 may need to adjust their rules accordingly.</p>
+
+<p>See <a href="http://svn.apache.org/r1882326">r1882326</a>.
+
+</div> <!-- compat-misc-authz -->
+
+</div> <!-- compat-misc -->
</div> <!-- compatibility -->
@@ -1447,6 +1480,25 @@ abort with an assertion failure:</p>
</div> <!-- issues-filesizes-human-readable -->
+<div class="h3" id="issues-authz-4762">
+<h3>Path-based authorization doesn't combine global and per-repository rules
+ <a class="sectionlink" href="#issues-authz-4762"
+ title="Link to this section">¶</a>
+</h3>
+
+<p>Subversion 1.10.0 through 1.14.0 did not combine global and per-repository
+rules: if a global rule and a per-repository rule were both present for a
+path, the global rule would be ignored and the per-repository rule would apply
+by itself.</p>
+
+<p>See <a href="https://issues.apache.org/jira/browse/SVN-4762?issueNumber=4762"
+>Issue #4762</a> and <a href="http://svn.apache.org/r1882326">r1882326</a>.</p>
+
+<p>See <a href="#compat-misc-authz"> for compatibility notes relating to this
+change.</p>
+
+</div> <!-- issues-authz-4762 -->
+
<div class="h3" id="issues-other">
<h3>Other issues
<a class="sectionlink" href="#issues-other"