Subversion Limit Access to Subdirectory


#1

I have searched through the forums (not a very good search engine btw) and google and I have not found an answer.

Here is the scenario:

I have set up a subversion repository for work in a cerain project using the Torque Game Engine Advanced. The TGEA requires a license to be able to access the engine code. Not all of the team has a license, however, it is legal for them to maintain the torque scripts as long as I don’t give them access to the SDK. I only want one repository (if possible), but I want to limit those who do not have a torque license from accessing the engine code.

One person suggested nesting repositories. I don’t see that I have that option and even if I did, I don’t think that is a good idea.

Any assistance is appreciated.

Derik Wilson


#2

svnserve allows path based authorization.

Read the svnserve section and the section on “Path-Based Authorization” (Server Configuration chapter) in the svnbook.


#3

I have “version control with Subversion” by Ben Collins-Susman, but nothing they tell me works. I try connecting to my repo while in SSH so that I can use svnserve like they say, but it says that the repo does not exist.

Any additional information is appreciated.

I even went in and modified passwrd and authz creating a programmer group and then placing names under the [visionshead:/path/to/source] and that didn’t work.

Derik Wilson


#4

The server seems to totally ignore authz and passwd files (even after modifying the config file to point to them). So I tried updating my visionshead.access file (after submitting the user accoun in the panel because the password gets hashed for visionshead.passwd).

I got it to work by placing the users under the proper paths once I create the account. The only problem is that I have to restructure the visionshead.access file every time I submit an account via the panel because it overwrites the entire file. Is there any way around that? I would input the passwords manually but I don’t know how the server hashes them and aparently they need to be hashed (which is fine by me, more secure).

Derik Wilson


#5

It uses the same hashing scheme as htpasswd uses as the default (MD5?)

You can just use htpasswd to create the hashed password entries in the *.passwd files and add the entries the *.access files manually.


#6

Thanks!
It’s definitely not a single MD5 if it is MD5. I tried MD5 and they weren’t even close. For now I just created the user in the panel and then reposted the overwritten access file again after I manually added the user. I guess I will have to do that for now.

Also, I have noticed the Subversion makes it very difficult to restructure a directory structure. In TortoiseSVN I can only “SVN move” within the same directory (not including sub directories). What moron of a Dev thought that would be useful?

Derik Wilson


#7

Just shell in and use htpasswd to add users:

htpasswd /path/to/your.passwd userName

As for the svn move, not sure what you’re trying to do, but I’ve never found it difficult to restructure things. If I have a bunch of moves to do, I usually use the command line client.


#8

Thanks for the help all! I got it down now, and I wrote a tutorial for the rest of my team administrators so that they will know how to do all this as well.

Derik Wilson