HeX wrote: > I'm talking about the authz file used by trac to handle fine-grained > permissions not the svn authz file. The latter 0.12 no longer cares > about (if I understood you correctly).
In fact, the SVN authz file will now give BROWSER_VIEW, FILE_VIEW,
CHANGESET_VIEW and LOG_VIEW based on the paths you configure. For
example, if you have:
[projects:/foo]
anonymous = r
Then anonymous will get BROWSER_VIEW and FILE_VIEW for all paths below
/foo. Also, it will get CHANGESET_VIEW and LOG_VIEW for all changesets
that contain at least one path below /foo, and when displaying those
changesets, it will only show the files below /foo
This should not be confused with the authz_policy.py permission policy,
which allows managing permissions to any Trac resource like wiki pages
and tickets. It has a configuration with similar syntax, but the analogy
more or less stops here.
So in your case: don't specify any of BROWSER_VIEW, FILE_VIEW,
CHANGESET_VIEW and LOG_VIEW in the "global" permissions ("trac-admin
permission" or the "Permissions" admin panel), configure your SVN authz
file to restrict access to SVN, and pass the file to Trac in [trac]
authz_file. Trac will then enforce the same restrictions as SVN.
Note that the names of your repositories must be the same in SVN and in
Trac.
-- Remy
signature.asc
Description: OpenPGP digital signature
