Uploaded image for project: 'Subversion'
  1. Subversion
  2. SVN-4833

Exclusion markers incorrectly excluding users not in authz file

Attach filesAttach ScreenshotAdd voteVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Major
    • Resolution: Unresolved
    • 1.11.x
    • None
    • mod_authz_svn
    • None

    Description

      See attached svn_access_test for data for test cases:

      This file contains two groups:

      1. user-group is a list of users (which might be used for specific repository access);
        membership of this group: namedUser
      2. blocked-group is a list of users who are to be blocked;
        membership of this group: blockedUser

      svn_access_test contains a rule for the top level access which declares that anyone NOT in the blocked-group should get read-write access. Users in the blocked-group should get read-only access.

      TEST CASES

      1. What access does namedUser have?
        $ svnauthz accessof svn_access_test --username namedUser
        rw

        Result: PASS

      1. What access does blockedUser have?
        $ svnauthz accessof svn_access_test --username blockedUser
        r

        Result: PASS

      1. What access does unnamedUser (a user who is authenticated to access Subversion but not mentioned in the authz file) have?
        $ svnauthz accessof svn_access_test --username unnamedUser
        r

        Result: FAIL


       The fact that users who are not mentioned in the authz file (which is a valid use case) are incorrectly interpretted as being in the blocked-group (IMHO) is a bug.

      Attachments

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            Unassigned Unassigned
            dgrierso David Grierson

            Dates

              Created:
              Updated:

              Issue deployment