-
Bug
-
Resolution: Fixed
-
Medium
-
2.0.1
-
None
-
Java Version:
1.6.0_16
Java Vendor:
Sun Microsystems Inc.
JVM Version:
14.2-b01
JVM Vendor:
Sun Microsystems Inc.
JVM Runtime:
Java HotSpot(TM) 64-Bit Server VM
Authorization in Subversion doesn't work if users are in nested groups. It works if they are directly in the "subversion" group that is mapped to the subversion application.
We are using the dav_svn.authz file to configure access like this:
- Everyone has read access to the repository
- (unless modified below).
[/]
- = r
- Members of the subversion crowd group can
- read and write to the hole repository project
[/]
@subversion = rw
If users belong directly to group "subversion", they get access, but if they are in a nested group inside "subversion" group, authorization fails.
With Crowd 2.1, we'll be providing a REST API that correctly resolves nesting. We're also working on a version of the svn connector that will use this API and so do nesting properly.