Commits of copies and moves anchor the edit on the common parent directory of
the copy src and tgt. And at the moment, we seem to pass that anchor as the URI
to our final ra_dav MERGE request.
mod_authz_svn is validating the URI passed to MERGE, when really, it's pretty
meaningless at the moment. We always merge the entire activity; the URI is
ignored by mod_dav_svn, so mod_authz_svn should ignore it as well. (This might
change someday when we support a broader range of deltaV MERGE requests.)
At the moment, mod_authz_svn is actually preventing commits from happening when
they shouldn't. There's no need to have write access to the anchor of the
commit when changing two target. It's overly restrictive.
The best solution is to have mod_authz_svn simply do a "generic write check" for
both MKACTIVITY and MERGE, ignoring the URIs to both requests. Sander has
mentioned that such a check might require a bit more coding. But hey, this can
be a weekend project for him. Assigning to Sander.
Bug
Major
