Subversion Limit Access to Subdirectory

I have searched through the forums (not a very good search engine btw) and google and I have not found an answer.

Here is the scenario:

I have set up a subversion repository for work in a cerain project using the Torque Game Engine Advanced. The TGEA requires a license to be able to access the engine code. Not all of the team has a license, however, it is legal for them to maintain the torque scripts as long as I don’t give them access to the SDK. I only want one repository (if possible), but I want to limit those who do not have a torque license from accessing the engine code.

One person suggested nesting repositories. I don’t see that I have that option and even if I did, I don’t think that is a good idea.

Any assistance is appreciated.

Derik Wilson

svnserve allows path based authorization.

Read the svnserve section and the section on “Path-Based Authorization” (Server Configuration chapter) in the svnbook.

I have “version control with Subversion” by Ben Collins-Susman, but nothing they tell me works. I try connecting to my repo while in SSH so that I can use svnserve like they say, but it says that the repo does not exist.

Any additional information is appreciated.

I even went in and modified passwrd and authz creating a programmer group and then placing names under the [visionshead:/path/to/source] and that didn’t work.

Derik Wilson

The server seems to totally ignore authz and passwd files (even after modifying the config file to point to them). So I tried updating my visionshead.access file (after submitting the user accoun in the panel because the password gets hashed for visionshead.passwd).

I got it to work by placing the users under the proper paths once I create the account. The only problem is that I have to restructure the visionshead.access file every time I submit an account via the panel because it overwrites the entire file. Is there any way around that? I would input the passwords manually but I don’t know how the server hashes them and aparently they need to be hashed (which is fine by me, more secure).

Derik Wilson

It uses the same hashing scheme as htpasswd uses as the default (MD5?)

You can just use htpasswd to create the hashed password entries in the *.passwd files and add the entries the *.access files manually.

It’s definitely not a single MD5 if it is MD5. I tried MD5 and they weren’t even close. For now I just created the user in the panel and then reposted the overwritten access file again after I manually added the user. I guess I will have to do that for now.

Also, I have noticed the Subversion makes it very difficult to restructure a directory structure. In TortoiseSVN I can only “SVN move” within the same directory (not including sub directories). What moron of a Dev thought that would be useful?

Derik Wilson

Just shell in and use htpasswd to add users:

htpasswd /path/to/your.passwd userName

As for the svn move, not sure what you’re trying to do, but I’ve never found it difficult to restructure things. If I have a bunch of moves to do, I usually use the command line client.

Thanks for the help all! I got it down now, and I wrote a tutorial for the rest of my team administrators so that they will know how to do all this as well.

Derik Wilson