#8336 closed defect (fixed)
set svnauthz - cant download anything
Reported by: | Owned by: | ||
---|---|---|---|
Priority: | normal | Milestone: | 1.0.2 |
Component: | version control/browser | Version: | 0.12dev |
Severity: | normal | Keywords: | download, svnauthz, verify, authzsourcepolicy |
Cc: | Branch: | ||
Release Notes: |
Downloading directories as zip now interacts in a more intuitive way with fine grained control permissions. |
||
API Changes: | |||
Internal Changes: |
Description
I've set my svnauthz file like:
[/] * = rw [/users] * = rw [/code] bob = joe = rw
Now, if bob wants to download some files with browse source in root/users/...
as zip archive he gets the error:
Insufficient permissions to access /code
Does this bug exist in newer version than 0.10.4?
Attachments (0)
Change History (15)
comment:1 by , 16 years ago
comment:2 by , 16 years ago
The Problem is that bob can't download folders in /users
, too. I think the bug is, that u need access to the whole repository to download a zip.
comment:3 by , 16 years ago
Resolution: | → worksforme |
---|---|
Status: | new → closed |
There are possibly two issues here, neither of them a Trac bug:
- As ebray says, the
/code
problem is clearly missing permissions in the authz file - All paths are not downloadable by default - the default TracIni setting for
downloadable_paths
says something like/trunk, /branches/*, /tags/*
so unless you have set your other paths there (or just use a '*' wildcard to make all paths downloadable), zip downloads will not work.
Closing as 'worksforme' - quite sure this is an installation issue, and please ask questions of usage on the MailingList or IrcChannel.
comment:4 by , 16 years ago
Resolution: | worksforme |
---|---|
Status: | closed → reopened |
No, am i so bad in explanation ? I've set the downloadable-paths correctly, and i've tested '*', too.
And Bob must not see anything in /code
(thats why bob = ), but Bob should be able to browse and download zips in /users
(bob has rw), but thats impossible cause trac always says bob must have permission to /code
.
What has a download under root/users/...
to do with root/code
? Or why need bob read-access in root/code
to download a file in root/users/...
?
comment:5 by , 16 years ago
Ah. Could you then turn on debug logging, and see if any further explanation is available in the log file? Also: Is the "Download as zip" option available when browsing /users
('alternative formats' at the bottom) - and the error occurs when clicking to download? Final thing to check is if any of the files/folders to download are copied/moved from non-permitted areas, or part of changesets that span both allowed and disallowed locations.
Lastly, 0.10.x is not actively maintained anymore - if anything just important security fixes. If you could try using the same repos + same authz file on a 0.11.5dev test installation, that would be helpful. See if it can be recreated with code somewhat younger than the 2+ years since 0.10.4 was released.
comment:6 by , 16 years ago
I've tested with trac 11.4 - same result, i can't download the user-files. Maybe i'll try trunk, but i'am sure there will be the same result.
comment:8 by , 16 years ago
last 2 posts where mine
I've checked my trac 0.11.4 (the important code is almost exactly the same to trunk).
The Problem is the old_path in the download-link. If i cut this old_path=/
i can download without problems.
For some reason that doesn't work in trac 0.10.4
I think the bug is close to source:trunk/trac/versioncontrol/svn_fs.py@8222#L711
In the case if change != Changeset.ADD:
is true, then path
is /code
comment:9 by , 15 years ago
Keywords: | verify added |
---|---|
Milestone: | → 0.12.1 |
comment:10 by , 13 years ago
I think this will get solved when we switch the implementation of download to the browser module, like #8919 does.
comment:11 by , 12 years ago
Milestone: | next-minor-0.12.x → 1.0.2 |
---|
Probably fixed by r11744, to be tested.
comment:12 by , 12 years ago
Resolution: | → fixed |
---|---|
Status: | reopened → closed |
Indeed, it seems to work as one would expected now.
comment:13 by , 12 years ago
Owner: | set to |
---|
comment:14 by , 12 years ago
Release Notes: | modified (diff) |
---|
comment:15 by , 11 years ago
Keywords: | authzsourcepolicy added |
---|
How exactly is this a bug? Your authz file denies bob read access to
/code
.