I need to setup a SVN repository which the devgroup should have full privilege to read and write except for two sub folders /1 and /2.
For /1 and /2, four users should have write permission and all other users should only have read permission.
I put the following into the configuration file, but people in devgroup still have write permission in /1 and /2.
Any help would be highly appreciated.
[project:/]
@devgroup = rw
[project:/1]
@devgroup = r
user1 = rw
user2 = rw
user3 = rw
user4 = rw
[project:/2]
@devgroup = r
user1 = rw
user2 = rw
user3 = rw
user4 = rw
Best Answer
You cannot remove permissions from a user already granted, therefore, by providing read/write access at the root of the repository to the
@devgroup
you have provided it to all sub-trees.The way I would achieve this is by segregating your project areas into different repositories with different permissions and then using the
svn:externals
property to bundle these into the top level repo.The
svn:externals
property can be set on any versioned directory, and its value is a multi-line table of subdirectories (relative to the versioned directory on which the property is set), optional revision flags, and fully qualified, absolute Subversion repository URLs.When someone checks out a working copy of the project repo , Subversion also continues to check out the items found in its externals definition.
You can then place restrictions upon the two restricted repositories to prevent the
@devgroup
users from updating these, whilst still getting them when they checkout the main project repo.