Access Control

Access to whole repositories or branches can be configured using groups and users lists. This allows very granular access rights.

svnadmin/svnaccess

The access control list of the subversion repositories is located within the svn repository. The repository owner has read and write access by default and can modify the file svnadmin/svnaccess to grant access to other people. Each repository contains an example svnadmin/svnaccess file which can be changed:

[groups]
mygroup=myuser,myseconduser

[reponame:/folder]
@mygroup=rw
mythirduser=rw

[reponame:/secret]
myself = rw
myuser = r
* =

Delegation

A svnadmin folder containing a svnaccess file can be added anywhere in the tree to control access below. This allows the repository owner to delegate access rights management of a branch to another user or group of users.

Activation on Commit

During commit all svnaccess files are all parsed and aggregated and the commit is denied whenever a syntax error or a security problem is found.

Authentication

Authentication is done using the ETH user name and the ETH password for web applications.

Page URL: https://isg.inf.ethz.ch/bin/view/Main/ServicesVersionControlSubversionAccessControl
2024-12-21
© 2024 Eidgenössische Technische Hochschule Zürich