Branko Čibej created SVN-4795:
---------------------------------
Summary: Support character classes in glob authz rules
Key: SVN-4795
URL: https://issues.apache.org/jira/browse/SVN-4795
Project: Subversion
Issue Type: Improvement
Components: libsvn_repos, svnauthz
Affects Versions: all
Reporter: Branko Čibej
*Proposal*
Change the way section names are parsed in authz files, such that anything
between the initial {{\[}} and the last {{\]}} are treated as the section
name/rule pattern. This will restrict the use of inline comments on rules, but
will allow fuller use of glob patterns.
*Discussion*
Wildcard rules in Subversion's authz file use {{apr_fnmatch()}} to match
patterns to path segments. APR's matcher supports character classes ({{[A-Z]}}
etc.), however, there is no way to use them in the authz file. For example,
given this rule:
{noformat}
[:glob:/**/*.[Dd]oc]
* = rw
{noformat}
the pattern will actually be parsed as "{{/**/*.[Dd}}", which is definitely not
what the user intended and matches, for example, "{{x.[Dd}}" instead of the
expected "{{x.doc}}".
This limitation was present in the authz rules since their inception and is a
side effect of how Subversion's config parser parses section names. See:
{{parse_section_name()}} in {{libsvn_subr/config_file.c}}.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
