On Wed, Jul 28, 2010 at 7:59 PM, Luiz Guilherme Kimel <lki...@dba.com.br> wrote: > Hello there, > > > > I’m implementing a subversion repository that keeps project management > artefacts. In other words, we are using SVN for document management. And > everything was going right until we find that managers need to keep status > of allocated human resources salaries and this can’t be accessed by everyone > in the project. Ok, let’s use path-based auth, but then comes a question: > what to do with tags? > > > > Example path-based settings for a project: > > > > [svn:/projects/project-abc/tags/] > > @team=r > > @cm=rw > > [svn:/projects/project-abc/trunk/] > > @team=rw > > [svn:/projects/project-abc/trunk/releases] > > @team=r > > @cm=rw > > [svn:/projects/project-abc/trunk/planning] > > # no change > > [svn:/projects/project-abc/trunk/costs] > > @team= > > @maganement=rw > > > > My requirements: > > > > 1) I want that the “costs” directory will be writeable only by > management group while under the trunk folder; > > 2) I want that the “costs” directory will be readeable and just > readeable to management group once under tags folder; > > 3) I don’t want to have to specify different path-based auth rules for > each new tag… > > 4) It’s desireable that the configuration management group (cm group) > is able to generate tags, but still can’t read the “costs” directory! > > > > Am I dreaming? It would be wonderful if I were able to specify path-based > auth like this: > > > > [svn:/projects/project-abc/tags/*/costs] > > *= > > @maganement=r > > > > [svn:/projects/project-abc/trunk/costs] > > *= > > @maganement=rw >
Unfortunately, you can't do that right now. FYI, there is an open enhancement request in the issue tracker for this feature: http://subversion.tigris.org/issues/show_bug.cgi?id=2662 - authz with wildcards It seems to be a very useful feature, which comes up quite frequently on this list. Some patches have been proposed in the issue tracker, but for some reason they haven't been applied... -- Johan
