Feature #13538
open
Role Based Access Control on Subversion commit log
0%
Description
Abstruct
Extending RBAC on Subversion commit log increase the value of Redmine.
Observation
Human-being fails sometimes in typing, or identifying his | her changes on a write-once system, such as SCMs.
On the other hand, based on "depravity" theory, once one have a device to rewrite his scribe, he | she start depending on the facility and stop reviewing before committing it, or even start tricking colleagues...
Cure should be a control mechanism.
Analysis
Redmine reflects Subversion's (and possibly any other SCM's) changes to the views by modeling the information on a table sets "changesets", "changes", "changesets_issues".
Subversion has an API as hooks to validate revprop-change requests and notify it to external program.
Suggested Implementation
- Add role-based permission for SCM's commit log change, and declare it to users - Redmine's feature
- Add utilization script which validate log change request against the permission above, at such as Subversion's pre-revprop-change - User's responsibility, but hope provided in extra/svn
- Add utilization script which notify to Redmine by posting a record in Redmine's DB, that the log change request was validated and processed against certain revision of the repository - User's responsibility, but hope provided in extra/svn
- Add batch script which fetch the notification record above, and update the related records - Redmine's feature
- Invoke the batch script above periodically - User's responsibility
Related issues
No data to display