--- On Mon, 1/30/12, Stefan Sperling <s...@elego.de> wrote:
> From: Stefan Sperling <s...@elego.de> > Subject: Re: Limited subdirectory access > To: "K F" <cmkfo...@yahoo.com> > Cc: "Andy Levy" <andy.l...@gmail.com>, users@subversion.apache.org > Date: Monday, January 30, 2012, 9:32 PM > On Mon, Jan 30, 2012 at 01:14:53PM > -0800, K F wrote: > > --- On Mon, 1/30/12, Andy Levy <andy.l...@gmail.com> > wrote: > > > have it setup in the authz file now: > > > > [/] > > > > @dev = rw > > > > @qa = r > > > > > > > > [/ABC/DEF] > > > > @dev1 = rw > > > > > > > > Do I need to be more specific? > > > > > > > > > > What exactly isn't working? > > > > > > Is dev1 a group, or an individual? > > > > > > Do you have the case of the path matched exactly? > The rules > > > are case-sensitive. > > > > > > > I am able to commit with a login that is in the dev > group that is not in the dev1 group. > > > > The actual path is /svnrepo/ABC/DEF so I tried > > > > [/svnrepo/sandbox/tags] > > @dev1 = rw > > > > and that doesn't work either. Based on the example in > the file I also tried > > > > [repository:/svnrepo/sandbox/tags] > > @dev1 = rw > > > > with no luck. Any ideas as to what I am doing wrong? > > You'll need to tighten permissions for the 'dev' group in > /ABC/DEF also. > [/] > @dev = rw > @qa = r > > [/ABC/DEF] > @dev = r > @dev1 = rw > > See this snippet from > http://svnbook.red-bean.com/en/1.7/svn.serverconfig.pathbasedauthz.html > "Of course, permissions are inherited from parent to > child directory. > That means we can specify a subdirectory with a > different access policy > for Sally: > > [calc:/branches/calc/bug-142] > harry = rw > sally = r > > # give sally write access only to the 'testing' > subdir > [calc:/branches/calc/bug-142/testing] > sally = rw > > Now Sally can write to the testing subdirectory of > the branch, but can > still only read other parts. Harry, meanwhile, > continues to have > complete read/write access to the whole branch." > > The same applies when restricting access, rather than > expanding it. > I realize my explanation is wrong, my apologies. It is actually repo ABC with 40+ folders under it. I want to limit who has access to one of the folders (DEF). After looking at the svnbook, I thought the following would work but it is still not working: [ABC:/DEF] @dev = r @dev1 = rw
