Ticket #5773 (closed defect: worksforme)
Opened 5 years ago
Last modified 4 years ago
Trac permissions
| Reported by: | ssabhcew@… | Owned by: | jonas |
|---|---|---|---|
| Priority: | normal | Milestone: | |
| Component: | general | Version: | 0.10.4 |
| Severity: | normal | Keywords: | authz |
| Cc: | |||
| Release Notes: | |||
| API Changes: | |||
Description
Hi,
I have this situation:
We use only one repo in svn.
The authentication for trac and svn is one file.
For keep different subproject not to be seen by everybody, I'm using:
AuthzSVNAccessFile = /srv/svn/config/authz
And I've created groups and different permissions for different developers.
But I was surprizsd that when you log into trac, you can browse the source, that is forbidden for you in svn.
How can I made trac read the AuthzSVNAccessFile file and follow its permitions.
Or should I set somehow permitions on every subfolder/project in trac configs ?
Attachments
Change History
comment:1 Changed 5 years ago by ssabchew@…
comment:2 Changed 4 years ago by sid
- Keywords authz added
Did you try updating to the latest version? It seems that this may not have been integrated in your version.... See also wiki:TracDev/SecurityBranch
comment:3 Changed 4 years ago by hyuga <hyugaricdeau@…>
- Priority changed from high to normal
- Resolution set to worksforme
- Status changed from new to closed
You need to point Trac to the authz file with the authz_file option in the [trac] section of your trac.ini file. At any rate, this is a configuration issue.
Well it seams that trac 'understand' only permissions by location like that
Test
@dev = rw
@all = r
If you try to specify the repo like this:
[myrepo:/Test]
@dev = rw
@all = r
it get confused
Even in the apache config I specified:
<Location /trac>
...
...
</Location>
As there will be possibility for using more than one trac.
And the svn config is configured for multiple repos, instead of only one (even for now we use one).
I use SVNParentPath instead SVNPath
P.S. I put a wrong mail when i made the ticket :-(