Opened 13 years ago
Last modified 12 years ago
#10110 closed defect
Source browser permission problem with files created with 'svn copy' — at Initial Version
Reported by: | Owned by: | ||
---|---|---|---|
Priority: | normal | Milestone: | 0.12.3 |
Component: | version control/browser | Version: | 0.12 |
Severity: | major | Keywords: | authzpolicy, authzsourcepolicy, svn copy, permissions, subversion |
Cc: | jerome.defavereau@… | Branch: | |
Release Notes: | |||
API Changes: | |||
Internal Changes: |
Description
Hello,
There's a bug (or I presume so) with permissions when a private directory is copied (with 'svn copy') as a new public directory. The children files inherits the permissions set from the initial directory (private) until they gets modified.
The permissions are set in the AuthzPolicy conf file. The problem appears also when setting permissions with AuthzSourcePolicy. When browsing the repository with the apache/webdav/svn sequence and the same authz file as the one used for AuthzSourcePolicy, there's no problem. So I infer it as a Trac problem and not a svn one.
Example:
State 1
Repository state before the 'svn copy':
Directory/File | Revision # | Viewable by anonymous? |
/private/ | 1 | No |
fileA | 1 | No |
State 2
Then, we
$ svn copy private public A public $ svn commit Adding public Committed revision 2.
Let's allow the 'public' dir to be viewable by everybody with the following AuthzPolicy conf file (excerpt):
[repository:*@*/source:/@*] * = BROWSER_VIEW [repository:*@*/source:public@*] * = BROWSER_VIEW [repository:*@*/source:public/*@*] * = BROWSER_VIEW, FILE_VIEW
Now, the repository looks as:
Directory/File | Revision # | Viewable by anonymous? |
/private/ | 1 | No |
fileA | 1 | No |
/public/ | 2 | Yes |
fileA | 1 | No !!! :-( |
The bug: while the 'public' folder can be browsed as an anonymous user, fileA doesn't shows up in the file list of the Trac Browser! :-(
State 3
We can add a new file in public (fileB)
$ touch public/fileB $ svn add public/fileB A public/fileB $ svn commit Adding public/fileB Transmitting file data . Committed revision 3.
Repository state after commit:
Directory/File | Revision # | Viewable by anonymous? |
/private/ | 1 | No |
fileA | 1 | No |
/public/ | 3 | Yes |
fileA | 1 | No !!! |
fileB | 3 | Yes |
fileB displays in the file list of the Trac Browser and its content can be viewed by anonymous (fileA doesn't).
State 4
Finally, modifying public/fileA renders it viewable by anonymous:
$ echo 'yoplaboum' >> public/fileA $ svn commit Sending public/fileA Transmitting file data . Committed revision 4.
Directory/File | Revision # | Viewable by anonymous? |
/private/ | 1 | No |
fileA | 1 | No |
/public/ | 4 | Yes |
fileA | 4 | Yes |
fileB | 3 | Yes |
Summary: State 2 and 3 are not correctly handled by Trac.
Note that at State ≥2 , fileA is correctly displayed when listed/viewed through apache/webdav/svn.