I'm not sure this is a bug or the documentation is wrong, or I'm misunderstanding the concept.
The setup and config: Redhat Enterprise Linux AS release 4 (October Update 7) Apache 2.2.16 Subversion version 1.6.12 from Collabnet mod_authz_svn.so built from Subversion sources 1.6.13 (uses 1.6.12 libs at runtime) In the SVN doc: Section 6.5 Path-Based Authorization [paint:/projects/paint] jane = r @paint-developers = rw Another important fact is that the first matching rule is the one which gets applied to a user. In the prior example, even though Jane is a member of the paint-developers group (which has read/write access), the jane = r rule will be discovered and matched before the group rule, thus denying Jane write access. My authz file: [groups] Administrators = admin, r.thompson, john.robbins SE-tech = r.thompson, john.robbins, test.user [/] #start with everyone has read access * = r @Administrators = rw [SystemEngineering:/trunk] test.user = r @Administrators = rw @SE-tech = rw I am not getting the results as described in the documentation. I thought excluding a user from write access even though they were a member of an rw group was kind of handy. I have observed this behavior in both svn and http protocols. Even though the test.user has been designated as "r" on the trunk, that user can still commit to the SystemEngineering/trunk repository folder. Any help or clarification would be greatly appreciated. Bob Johnson CGI - Insurance Sector Columbia, S.C. (803)917-7751
