You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@subversion.apache.org by da...@apache.org on 2021/08/14 12:34:23 UTC
svn commit: r1892334 -
/subversion/trunk/subversion/tests/cmdline/authz_tests.py
Author: danielsh
Date: Sat Aug 14 12:34:23 2021
New Revision: 1892334
URL: http://svn.apache.org/viewvc?rev=1892334&view=rev
Log:
Add a regression test for issue #4878, "DELETE /file requires
svn_authz_recursive, fails due to glob rules".
* subversoin/tests/cmdline/authz_tests.py
(delete_file_with_starstar_rules): New test.
(test_list): Run it.
Modified:
subversion/trunk/subversion/tests/cmdline/authz_tests.py
Modified: subversion/trunk/subversion/tests/cmdline/authz_tests.py
URL: http://svn.apache.org/viewvc/subversion/trunk/subversion/tests/cmdline/authz_tests.py?rev=1892334&r1=1892333&r2=1892334&view=diff
==============================================================================
--- subversion/trunk/subversion/tests/cmdline/authz_tests.py (original)
+++ subversion/trunk/subversion/tests/cmdline/authz_tests.py Sat Aug 14 12:34:23 2021
@@ -1732,6 +1732,38 @@ def empty_group(sbox):
sbox.repo_url)
+@Issue(4878)
+@XFail(svntest.main.is_ra_type_dav)
+@Skip(svntest.main.is_ra_type_file)
+def delete_file_with_starstar_rules(sbox):
+ "delete file with ** rules"
+
+ # mod_dav_svn unnecessarily requires svn_authz_recursive access on DELETE of
+ # a file. See:
+ #
+ # https://mail-archives.apache.org/mod_mbox/subversion-users/202107.mbox/%3C20210731004148.GA26581%40tarpaulin.shahaf.local2%3E
+ # https://mail-archives.apache.org/mod_mbox/subversion-dev/202107.mbox/%3C20210731004148.GA26581%40tarpaulin.shahaf.local2%3E
+ # (Both links go to the same message.)
+ #
+ # The test will XPASS if the glob rule is removed.
+ #
+ # Note that the /**/lorem rule can't possibly match ^/iota, but its existence
+ # nevertheless affects the results of the authz check.
+
+ sbox.build(create_wc = False)
+
+ write_restrictive_svnserve_conf(sbox.repo_dir)
+
+ prefixed_rules = dict()
+ prefixed_rules[':glob:/**/lorem'] = '* = \n'
+ prefixed_rules['/'] = '%s = rw\n' % (svntest.main.wc_author,)
+ prefixed_rules['/A'] = '%s = \n' % (svntest.main.wc_author,)
+ prefixed_rules['/iota'] = '%s = rw\n' % (svntest.main.wc_author,)
+ write_authz_file(sbox, None, prefixed_rules = prefixed_rules)
+
+ svntest.main.run_svn(None, 'rm', sbox.repo_url + '/iota', '-m', 'rm by URL')
+
+
########################################################################
# Run the tests
@@ -1771,6 +1803,7 @@ test_list = [ None,
inverted_group_membership,
group_member_empty_string,
empty_group,
+ delete_file_with_starstar_rules,
]
serial_only = True