Tuesday, 15 May 2012

svn - Subversion, checkout and restrictions issue -



svn - Subversion, checkout and restrictions issue -

if have repo, repo1 100 folders in , want user checking out have access 2 of folders, dir1 , dir2.

how can done using checkout repo1 folder. svn co svn://repo1 dest

i cant seem find efficient way of restricting access other 98 folders without individually writing restriction line in authz file.

if have

[/] user = [/repo1/dir1] user = rw [/repo1/dir2] user = rw

i cannot checkout repo1 folder not have access it. have access it, folders inherit access.

any help appreciated!!

try like:

[groups] dev = fred, bill, sue [/] * = r @dev = rw [/repo1/] user = r [/repo1/dir2] user = rw [/repo1/dir12] user = rw [/repo1/dir72] user = rw

this says has read access default, dev grouping has read-write everywhere , 'user' has rw in 3 specific paths.

note permissions apply downwards , default nobody has permissions anywhere. more info can found here.

in general strategy to:

set default whole repository users should have. structure repository reflect project groupings logically grouping user permissions logically. consider groupings of users & roles. bear in mind permissions percolate downwards

so instead of:

top-level- - hundreds of directories

with hundreds of user permissions seek construction things more like:

top-level - mutual utilities - command line utilities - gui utilities - web utilities - database stuff - hardware projects - hw_1 - hw_2 - client projects - retail customers - client - client b - wholesale customers etc.

then can have grouping of users maintainers utilities, customers, 1 databases, etc., (bearing in mind 1 user can fellow member of more 1 group. these permissions set, group, in area , default below, (nested within), , need set permissions on individual groups special, i.e. must worked on specific people.

also maintain in mind svn version command system long not giving admin rights away can undo, revert, bad changes. if have people untrustworthy must not allow them because much harm right reply train them, move them role cannot harm or fire them.

svn

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)