I've been managing an academic installation where several users need access to
their own paths in the repository, but to nobody else's. Our authz file looks
something like:
# One for each student
[/student/jstudent]
jstudent = rw
[/student/scoobydoo]
scoobydoo = rw
# and so on...
# One for each student
[/student/jstudent/project1/tags/final]
jstudent = r
[/student/scoobydoo/project1/tags/final]
scoobydoo = r
# and so on...
As is readily obvious, this approach becomes very tedious, very quickly. What
would be great is a wildcard mechanism for the username, something like:
[/student/$user]
$user = rw
[/student/$user/project1/tags/final]
$user = r
Looking into the way that our authorization code checks access, this isn't as
straight forward as one would think, mainly due to authz file caching and path
lookup. I'm filing this issue so I don't forget the idea, and so I can attach
some tests to it.
Improvement
Major