Feature #3875
open
Fully integration Redmine-SVN (as Gforge-CVS)
Added by Bruno Prado about 15 years ago.
Updated over 13 years ago.
Description
In my company we implemented the integreation Redmine-SVN this way:
Redmine can read SVN (default);
User accesses Redmine via LDAP;
Users added to projects via Redmine (default);
Permissions of checkout/commit in SVN varying accordinly to if the project in Redmine is public/private (default);
Access to SVN verified via Apache - it looks for the entries in Redmine DB if the user is a member of the project, then can checkout/commit, using login/password from LDAP.
But this integration is very simple: if the project is public, anyone can make checkout but only users added to the project can commit. If the project is private, only members of the project can checkout/commit.
It would help if the access to the DB was totally controled by Redmine: using roles, we could define which type of access each member has in the repository (viwer, only checkout, only commit, free access, etc).
As comparison, Gforge does this integration with CVS.
I am in the process of implementing the same setup. I was hoping that i would be able to configure subversion access to be controlled according to the roles defined in redmine.
Bruno Prado's feature request suggests that this is not possible. Could someone confirm that?
I already have integrated ldap authentication in redmine. Does it make a difference regarding the granularity of subversion access control?
Actually, LDAP doesn't do anything further than authentication. All the authentication process can remain as it is. Explaning better my request, is something like this: depending on the access level (or role) a user has in Redmine, Redmine allows or denyes some SVN interations. For example, a viewer in Redmine cannot commit changes in SVN.
I don't know if it a acceptable solution for you but take a look at this patch
You will be able to control read and write access to subversion using REDMINE permissions (and roles).
If you need more, you can modify it to control authorization to all HTTP methods used by subversion (OPTIONS, PROPFIND, GET, REPORT, MKACTIVITY, PROPPATCH, PUT, CHECKOUT, MKCOL, MOVE, COPY, DELETE, LOCK, UNLOCK, and MERGE)...
Thanks, Arnaud. I'll test it as soon as possible and write down here if it solves my problem or not.
Thanks for all.
- Category set to SCM extra
Also available in: Atom
PDF
Updated by 
Updated by 
Updated by 
Updated by Toshi MARUYAMA