SVN. ACL different repositories with same name

By | January 12, 2018
Questions:

I have a SVN server running on a Ubuntu Server with Apache dav-svn module to access it over http.

I have projects of several clients, so i have created a tree structure on /var/svn

/var/svn/client_1
/var/svn/client_1/project_1
/var/svn/client_1/project_2
...
/var/svn/client_2
/var/svn/client_2/project_1
/var/svn/client_2/project_2

Each project is a new repository, when I need to create a new project i do the following

Create a new repository in the client folder

svnadmin create /var/svn/client_X/project_Y

Create a new entry on dav_svn_conf

<Location /client_X>
  DAV svn
  SVNParentPath /var/svn/client_X

  AuthType Basic
  AuthName "Subversion Repository"
  AuthUserFile /etc/apache2/dav_svn.passwd
  Require valid-user
  AuthzSVNAccessFile /etc/apache2/svn-acl.txt
</Location>

So at this moment i can access through:
https://my_svn_server.com/client_x/project_y

In the /etc/apache2/svn-acl.txt file i have full control over all repositories

[/]
my_user=rw

Now i want to give access to a client to the projects he owns, but i can’t do it. If I use the repository name he have access to all repositories of other clients

[project_1:/]
client_user=rw

He can access to client_1/project_1 and client_2/project_1

I would like to do the following:

[client_1:/]
client_user=rw

How can I do it? should I change the way I create the repositories?

Thanks for the answers.

Answers:

I would recommend not using SVN’s ACL and instead use Apache/HTTP Auth to manage the URL space with Location rules and simple Allow and Deny

Leave a Reply

Your email address will not be published. Required fields are marked *