On Mon, Jan 30, 2012 at 01:14:53PM -0800, K F wrote: > --- On Mon, 1/30/12, Andy Levy <andy.l...@gmail.com> wrote: > > have it setup in the authz file now: > > > [/] > > > @dev = rw > > > @qa = r > > > > > > [/ABC/DEF] > > > @dev1 = rw > > > > > > Do I need to be more specific? > > > > > > > What exactly isn't working? > > > > Is dev1 a group, or an individual? > > > > Do you have the case of the path matched exactly? The rules > > are case-sensitive. > > > > I am able to commit with a login that is in the dev group that is not in the > dev1 group. > > The actual path is /svnrepo/ABC/DEF so I tried > > [/svnrepo/sandbox/tags] > @dev1 = rw > > and that doesn't work either. Based on the example in the file I also tried > > [repository:/svnrepo/sandbox/tags] > @dev1 = rw > > with no luck. Any ideas as to what I am doing wrong?
You'll need to tighten permissions for the 'dev' group in /ABC/DEF also. [/] @dev = rw @qa = r [/ABC/DEF] @dev = r @dev1 = rw See this snippet from http://svnbook.red-bean.com/en/1.7/svn.serverconfig.pathbasedauthz.html "Of course, permissions are inherited from parent to child directory. That means we can specify a subdirectory with a different access policy for Sally: [calc:/branches/calc/bug-142] harry = rw sally = r # give sally write access only to the 'testing' subdir [calc:/branches/calc/bug-142/testing] sally = rw Now Sally can write to the testing subdirectory of the branch, but can still only read other parts. Harry, meanwhile, continues to have complete read/write access to the whole branch." The same applies when restricting access, rather than expanding it.
