We have a group of 300 developers. All of them will have rw access to one of the repos, but a small group of them - let's call them contractors - should not be allowed to read any other repo but that one. If I am to understand path based authorization correctly we are going to have to include all developers except for the contractors in the AuthzSVNAccessFile and place them in a group. Then for each repo we distinctly define access for this group, and for the one repo that anyone can have access to, just use the * variable. Our setup is Apache, mod_dav, svn. Am I understanding correctly or is there a shorter way?
Asked
Active
Viewed 77 times
1
-
Consider moving to VisualSVN Server. VisualSVN Server Standard Edition (free one) supports authorization rules based on Active Directory group accounts: https://www.visualsvn.com/server/screenshots/screenshot2.png. – bahrep Apr 23 '15 at 09:59
1 Answers
0
Yeah, pretty much - in the authorization file you unfortunately can't do something like utilize an LDAP group.
For your sanity, you might consider automatically generating the authorization file via a configuration management tool's template system, depending on how you're currently managing the user accounts.
Shane Madden
- 112,982
- 12
- 174
- 248