Subversion's permission setting function provides a reliable guarantee for the safe access of code. By setting different user permissions and group permissions, various roles are clearly divided, and the code is shared while ensuring that the code is not damaged.
When building multiple repositories, each repository has its own configuration file, and user permissions and group permissions can be configured individually. For simplicity, point all the repositories to the same configuration file, and configure them uniformly in this configuration file.
1. Specify the root directory
First, specify a root directory, assuming C:\VersionLib, under which all version libraries exist. Then start the svnserve service. For the specific steps, see my previous article "Subversion Installation and Configuration Guide". It should be noted that the startup directory is C:\VersionLib, which points to the root directory and does not point to any specific version library.
2. Create a version library
Create subdirectories in C:\VersionLib, such as prj1 and prj2, and subdirectories can also be created in subdirectories, such as shanghai and xian in prj2. The directory structure is as follows:
VersionLib
-prj1
-prj2
-shanghai
- Xian then builds three version libraries in prj1, shanghai, and xian
respectively, and copies the passwd and authz files to the VersionLib directory for unified configuration
3. Configure the version library
(1) Modify the svnserve.conf of the three version libraries File
Turn on authorization permissions:
anon-access = none
auth-access = write
Modify svnserve.conf in the prj1 repository: (point to the root directory)
password-db = ..\..\passwd
authz-db = ..\..\authz
Modify svnserve.conf in the other two repositories: (point to root)
password-db = ..\..\. .\passwd
authz-db = ..\..\..\authz
(2) Modify the passwd file in the root directory
Create a user and password in the passwd file:
[users]
qianxin = qx
yiyu = yy
gongyu = gy
zhaoming = zm
dai = dai
yinjun = yj
wangying = wy
A total of 7 users have been created
(3) Modify the authz file in the root directory and
set permissions in authz:
[groups] #Group
prj1_group = dai,gongyu,wangying
prj2_sh_group = zhaoming,yinjun
prj2_xa_group = qianxin, yiyu
[/] #Root directory, that is, all version libraries (including prj1, prj2)
qianxin = rw #Administrator
[prj1:/] #prj1 project
qianxin = rw #Because "* = r" is specified, the parent directory permissions are overwritten Inheritance, so you need to specify the administrator's access rights to the repository
@prj1_group = rw #Group permissions, you must add @
* = r #Permissions for everyone except the prj1_group group
[prj2/shanghai:/] #The shanghai project in
prj2 qianxin = rw #Same as above
@prj2_sh_group = rw
* = #No one except the prj2_sh_group group can access the repository
[prj2/xian:/] #xian project in
prj2 prj2_xa_group = rw
Note:
subdirectories inherit the access permissions of the parent directory. If the administrator is specified to have read and write permissions to the root directory, the administrator also has read and write permissions to the subdirectories write permission.
However, if you set * = in the subdirectory to cut off the inheritance of the parent directory permissions, you must set the administrator permissions to rw in the subdirectory, the following setting is problematic:
[arm:/]
qianxin = rw
[arm:/diary/shanghai]
dai = rw
gongyu = rw
* =
The import cannot be done because the administrator qianxin does not have any permissions on /diary/shanghai (import requires write permissions on all directories). The correct way is to also add "qianxin = rw" to the permission configuration of the subdirectory.
4. Access
the repository Access each repository (import, export) through the following URLs:
svn://localhost/prj1
svn://localhost/prj2/shanghai
svn://localhost/prj2/xian
Reprinted from: http://www.cnblogs.com/bigshow/archive/2008/10/13/1310366.html