Author: svn-role Date: Wed Mar 6 04:00:22 2019 New Revision: 1854887 URL: http://svn.apache.org/viewvc?rev=1854887&view=rev Log: Merge the r1851676 group from trunk:
* r1851676, r1851687, r1851791 Allow the use of empty groups in authz rules. Justification: Fixes regression from 1.9.x. Does not affect authz file semantics. Notes: - r1851676 adds a regression test. - r1851687 fixes the bug and extends the test. - r1851791 refers to issue #4802. Votes: +1: brane, julianfoad, stsp Modified: subversion/branches/1.11.x/ (props changed) subversion/branches/1.11.x/STATUS subversion/branches/1.11.x/subversion/libsvn_repos/authz_parse.c subversion/branches/1.11.x/subversion/tests/cmdline/svnauthz_tests.py Propchange: subversion/branches/1.11.x/ ------------------------------------------------------------------------------ --- svn:mergeinfo (original) +++ svn:mergeinfo Wed Mar 6 04:00:22 2019 @@ -100,4 +100,4 @@ /subversion/branches/verify-at-commit:1462039-1462408 /subversion/branches/verify-keep-going:1439280-1546110 /subversion/branches/wc-collate-path:1402685-1480384 -/subversion/trunk:1840990-1840991,1840995,1840997,1841059,1841079,1841091,1841098,1841136,1841180,1841272,1841481,1841524-1841525,1841567,1841600-1841602,1841606,1841719,1841725,1841731,1841736,1841742-1841743,1841753-1841754,1841822,1841850,1841867,1842090,1842222-1842223,1842334,1842814,1842827,1842829,1842877,1843888,1844882,1844987,1845204,1845261,1845408,1845555-1845556,1845559,1845577,1846299,1846403,1846406,1846704,1847181-1847182,1847188,1847264,1847377,1847572,1847596,1847598,1847697,1847922,1847924,1847946,1850348,1850621 +/subversion/trunk:1840990-1840991,1840995,1840997,1841059,1841079,1841091,1841098,1841136,1841180,1841272,1841481,1841524-1841525,1841567,1841600-1841602,1841606,1841719,1841725,1841731,1841736,1841742-1841743,1841753-1841754,1841822,1841850,1841867,1842090,1842222-1842223,1842334,1842814,1842827,1842829,1842877,1843888,1844882,1844987,1845204,1845261,1845408,1845555-1845556,1845559,1845577,1846299,1846403,1846406,1846704,1847181-1847182,1847188,1847264,1847377,1847572,1847596,1847598,1847697,1847922,1847924,1847946,1850348,1850621,1851676,1851687,1851791 Modified: subversion/branches/1.11.x/STATUS URL: http://svn.apache.org/viewvc/subversion/branches/1.11.x/STATUS?rev=1854887&r1=1854886&r2=1854887&view=diff ============================================================================== --- subversion/branches/1.11.x/STATUS (original) +++ subversion/branches/1.11.x/STATUS Wed Mar 6 04:00:22 2019 @@ -93,17 +93,6 @@ Veto-blocked changes: Approved changes: ================= - * r1851676, r1851687, r1851791 - Allow the use of empty groups in authz rules. - Justification: - Fixes regression from 1.9.x. Does not affect authz file semantics. - Notes: - - r1851676 adds a regression test. - - r1851687 fixes the bug and extends the test. - - r1851791 refers to issue #4802. - Votes: - +1: brane, julianfoad, stsp - * r1853761 Fix an "unused static function" warning in non-maintainer mode builds. Justification: Modified: subversion/branches/1.11.x/subversion/libsvn_repos/authz_parse.c URL: http://svn.apache.org/viewvc/subversion/branches/1.11.x/subversion/libsvn_repos/authz_parse.c?rev=1854887&r1=1854886&r2=1854887&view=diff ============================================================================== --- subversion/branches/1.11.x/subversion/libsvn_repos/authz_parse.c (original) +++ subversion/branches/1.11.x/subversion/libsvn_repos/authz_parse.c Wed Mar 6 04:00:22 2019 @@ -1011,7 +1011,8 @@ close_section(void *baton, svn_stringbuf /* Add a user to GROUP. - GROUP is never internalized, but USER always is. */ + GROUP is never internalized, but USER always is. + Adding a NULL user will create an empty group, if it doesn't exist. */ static void add_to_group(ctor_baton_t *cb, const char *group, const char *user) { @@ -1022,7 +1023,8 @@ add_to_group(ctor_baton_t *cb, const cha members = svn_hash__make(cb->authz->pool); svn_hash_sets(cb->expanded_groups, group, members); } - svn_hash_sets(members, user, interned_empty_string); + if (user) + svn_hash_sets(members, user, interned_empty_string); } @@ -1038,8 +1040,15 @@ expand_group_callback(void *baton, ctor_baton_t *const cb = baton; const char *const group = key; apr_array_header_t *members = value; - int i; + + if (0 == members->nelts) + { + /* Create the group with no members. */ + add_to_group(cb, group, NULL); + return SVN_NO_ERROR; + } + for (i = 0; i < members->nelts; ++i) { const char *member = APR_ARRAY_IDX(members, i, const char*); @@ -1169,10 +1178,18 @@ array_insert_ace(void *baton, SVN_ERR_ASSERT(ace->members == NULL); ace->members = svn_hash_gets(iab->cb->expanded_groups, ace->name); if (!ace->members) - return svn_error_createf( - SVN_ERR_AUTHZ_INVALID_CONFIG, NULL, - _("Access entry refers to undefined group '%s'"), - ace->name); + { + return svn_error_createf( + SVN_ERR_AUTHZ_INVALID_CONFIG, NULL, + _("Access entry refers to undefined group '%s'"), + ace->name); + } + else if (0 == apr_hash_count(ace->members)) + { + /* TODO: Somehow emit a warning about the use of an empty group. */ + /* An ACE for an empty group has no effect, so ignore it. */ + return SVN_NO_ERROR; + } } APR_ARRAY_PUSH(iab->ace_array, authz_ace_t) = *ace; Modified: subversion/branches/1.11.x/subversion/tests/cmdline/svnauthz_tests.py URL: http://svn.apache.org/viewvc/subversion/branches/1.11.x/subversion/tests/cmdline/svnauthz_tests.py?rev=1854887&r1=1854886&r2=1854887&view=diff ============================================================================== --- subversion/branches/1.11.x/subversion/tests/cmdline/svnauthz_tests.py (original) +++ subversion/branches/1.11.x/subversion/tests/cmdline/svnauthz_tests.py Wed Mar 6 04:00:22 2019 @@ -965,6 +965,33 @@ def svnauthz_inverted_selector_test(sbox os.remove(authz_path) +@Issue(4802) +def svnauthz_empty_group_test(sbox): + "test empty group definition" + + # build an authz file + authz_content = ("[groups]\n" + "group1 =\n" + "group2 = @group1\n" + "group3 = @group2, user\n" + + + "[A:/]\n" + "@group1 = rw\n" + "@group2 = rw\n" + "@group3 = r\n") + + (authz_fd, authz_path) = tempfile.mkstemp() + svntest.main.file_write(authz_path, authz_content) + + svntest.actions.run_and_verify_svnauthz( + [], None, 0, False, 'validate', authz_path) + + svntest.actions.run_and_verify_svnauthz( + 'r', None, 0, False, 'accessof', + '--repository', 'A', '--username', 'user', authz_path) + + ######################################################################## # Run the tests @@ -984,6 +1011,7 @@ test_list = [ None, svnauthz_compat_mode_file_test, svnauthz_compat_mode_repo_test, svnauthz_inverted_selector_test, + svnauthz_empty_group_test, ] if __name__ == '__main__':