Uploaded image for project: 'Subversion'
  1. Subversion
  2. SVN-4206

Revprop edits are checked for read access.

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Invalid
    • Affects Version/s: trunk
    • Fix Version/s: ---
    • Component/s: mod_authz_svn
    • Labels:
      None

      Description

      Revision properties are now checked for read access during propedits. This is
      done by making a GET subrequest to each of the changed paths in that revision.
      GETs are always checked for read access only.
      
      This enables anyone with ONLY read access to a path edit the log message for a
      revision that modified that path.
      
      The attached patch special cases these subrequests by checking for write access
      for all GET requests except if they are subrequests of PROPFIND or REPORT (in
      which case they are checked for read access).
      

      Original issue reported by arwin

        Attachments

        1. 1_revprop_edit_authz.patch.txt
          3 kB
          Subversion Importer

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              subversion-importer Subversion Importer
            • Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: