Project

General

Profile

SVN repository username/password confusion

Added by Steve Fallows over 14 years ago

We are using Redmine 0.9.4 and Subversion. When I configure a repository and enter my username and password I can see the repository status fine.

However if I then login as some other username, the username/password for the repository configuration is the set up for the user I just configured. I infer that there is only one username for svn access per project. Is that correct? Is there some rationale for that? Because it seems profoundly wrong to me.

I'm hoping there is something here I am missing....


Replies (3)

RE: SVN repository username/password confusion - Added by Felix Schäfer over 14 years ago

Redmine takes one user per repository. Redmine stores hashes of redmine user passwords, so it can't use them to log in to a repository. Besides that, Redmine cashes repo logs and other stuff at the project level, not at the user level.

RE: SVN repository username/password confusion - Added by sigma sigma over 14 years ago

Are there any plans to enable fine grained access control for subversion, like the one Apache offers? What I would like to do is to configure which part of a repository a user (or group of users) may access. This is crucial with large projects where not everyone should be able to read/write everywhere. How do people currently deal with such a situation?

Unless there is a method to do this already and I've missed it?

RE: SVN repository username/password confusion - Added by Felix Schäfer over 14 years ago

Not sure fine-grained authorization on repositories is in redmine's scope, and this is not doable currently because all permissions are on project level. I also seem to remember there having been some discussion about this that put it outside redmine's scope.

Regarding how to have something similar: we just use some more projects. You could also do it the other way round and implement your own ACLs on the subversion server, but people with "see repository" permission in the project would be allowed to see all, regardless of their permission on the repository itself.

    (1-3/3)