> > Do you need to restrict READ access to the branch or tag, or do you > > simply want to restrict COMMIT access. > > Thanks for the response. We need both, but restricting read access is > the main concern at the moment. So far, I only know of AuthUserFile > for controlling read access. > > > If you just want to restrict commit access, you can use a pre-commit > > hook to kill a commit transaction if the user who doesn't have > > permission attempts to change a tag or branch. > > Good to know. I'll check into the script you've mentioned. At the > moment, we've removed read access to /tags for most users. But this > is not a good long term solution.
I should say we've removed both read and write access to /tags for most users. > > By the way, there's also a way to configure Apache httpd to use LDAP > > instead of a regular text file. This means that users will have access > > to your Subversion repository based upon their Windows or Unix account > > and that users will automatically get logins and have their access > > removed when they get hired or move on. > > That's something we'll definitely consider. We have some other quirks > with account management to sort out first :) > > Best, > Shaun >