Project

General

Profile

Actions

Patch #17748

open

Subrepositories Fail to Authenticate Internal Users upon Subversion Checkout

Added by David Pettifor over 9 years ago. Updated over 9 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
SCM extra
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:

Description

  • DBMS: PostgreSQL 8.4.20
  • Ruby 1.9.3p547
  • Rails 3.2.13
  • Redmine 2.2.4.stable.11981

We have setup Apache 2.2.5 to host subversion repositories created in our local directory "/var/svn/". We can browse these repositories through Redmine just fine. However, when an internal Redmine user tries to checkout a secondary repository using a local "svn checkout" command, they would fail to authenticate against any of these secondary repositories of a given project of which they are a member.

We tracked down the issue and found it to be located in the "Redmine.pm" file, located at

/extra/svn/Redmine.pm

If we look at Line 246 (http://www.redmine.org/projects/redmine/repository/entry/trunk/extra/svn/Redmine.pm#L246), we are only gathering repository permission for a project whose identifier matches the repository identifier. This is bad in at least two cases:

  1. If the repository is named something different than the project identifier (such as project identifier is "myproject" but the repository is at "/var/svn/myproj")
  2. If we have secondary repositories which of course would have a different identifier than the project's identifier

To fix this, we need to modifiy line 246 to include any repository identifer or where the repository's URL matches:

AND (projects.identifier=?
OR projects.id IN (SELECT project_id FROM repositories WHERE identifier = ?)
OR projects.id IN (SELECT project_id FROM repositories WHERE url LIKE '%/'||?)
)

Of course, we'll also need to pass in the project identifier another two times when the Perl string is compiled upon execution, which happens on line 461 (or 464 with the added code above):

$sth->execute($redmine_user, $project_id, $project_id, $project_id);

I hope this is a good solution for anyone having the same issues out there, and hope that this (or an adaptation of this) is included in some future release!

Actions #1

Updated by Toshi MARUYAMA over 9 years ago

  • Category changed from Accounts / authentication to SCM extra
Actions

Also available in: Atom PDF