/[smecontribs]/rpms/smeserver-subversion/contribs7/smeserver-subversion-1.4-ImplementReadWriteAccess4.patch
ViewVC logotype

Contents of /rpms/smeserver-subversion/contribs7/smeserver-subversion-1.4-ImplementReadWriteAccess4.patch

Parent Directory Parent Directory | Revision Log Revision Log | View Revision Graph Revision Graph


Revision 1.1 - (show annotations) (download)
Sun Feb 24 16:04:08 2008 UTC (16 years, 8 months ago) by snetram
Branch: MAIN
CVS Tags: smeserver-subversion-1_4-8_el4_sme, smeserver-subversion-1_4-24_el4_sme, smeserver-subversion-1_4-25_el4_sme, smeserver-subversion-1_4-30_el4_sme, smeserver-subversion-1_4-14_el4_sme, smeserver-subversion-1_4-17_el4_sme, smeserver-subversion-1_4-13_el4_sme, smeserver-subversion-1_4-0_el4_sme, smeserver-subversion-1_4-29_el4_sme, smeserver-subversion-1_4-34_el4_sme, smeserver-subversion-1_4-5_el4_sme, smeserver-subversion-1_4-21_el4_sme, smeserver-subversion-1_4-31_el4_sme, smeserver-subversion-1_4-12_el4_sme, smeserver-subversion-1_4-35_el4_sme, smeserver-subversion-1_4-1_el4_sme, smeserver-subversion-1_4-2_el4_sme, smeserver-subversion-1_4-33_el4_sme, smeserver-subversion-1_4-6_el4_sme, smeserver-subversion-1_4-20_el4_sme, smeserver-subversion-1_4-18_el4_sme, smeserver-subversion-1_4-28_el4_sme, smeserver-subversion-1_4-11_el4_sme, smeserver-subversion-1_4-10_el4_sme, smeserver-subversion-1_4-23_el4_sme, smeserver-subversion-1_4-27_el4_sme, smeserver-subversion-1_4-32_el4_sme, smeserver-subversion-1_4-22_el4_sme, smeserver-subversion-1_4-26_el4_sme, smeserver-subversion-1_4-4_el4_sme, smeserver-subversion-1_4-16_el4_sme, smeserver-subversion-1_4-15_el4_sme, smeserver-subversion-1_4-3_el4_sme
* Sat Feb 23 2008 Jonathan Martens <smeserver-contribs@snetram.nl>
- 1.4-0
- Removed skel folder should have been obsoleted since 1.2-8 [SME: 3079]
- Implement read/write access for user(s) and group(s) [SME: 3964]
- Allow anonymous access [SME: 3976]
- Removed leftover refferences to modAuthzSVN [SME: 3971]
- Fixed incorrect dates in spec files changelog

1 --- smeserver-subversion-1.4/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/28SubversionContent.ImplementReadWriteAccess4 2008-02-24 16:55:12.000000000 +0100
2 +++ smeserver-subversion-1.4/root/etc/e-smith/templates/etc/httpd/conf/httpd.conf/VirtualHosts/28SubversionContent 2008-02-24 16:56:15.000000000 +0100
3 @@ -47,7 +47,7 @@
4 my %properties = $repository->props;
5
6 my $error = "";
7 - my $forceSSL;
8 + my $forceSSL = '';
9
10 my $allow;
11 my $pass;
12 @@ -82,9 +82,6 @@
13 $pass = 0;
14 $satisfy = 'all';
15
16 - $error .= " # - Illegal or no value set for AccessType:\n";
17 - $error .= " # Only allowing access from localhost\n";
18 -
19 }
20
21 }
22 @@ -120,204 +117,221 @@
23 my $SVNAutoVersioning = $properties{'SVNAutoVersioning'} || 'off';
24 my $ModMimeUsePathInfo = $properties{'ModMimeUsePathInfo'} || 'off';
25
26 - # Always have a section for a virtualhost at port 80 and only if neccesarry
27 - # (when authentification is required and therefore passwords are transmitted)
28 - # for a virtualhost at port 443.
29 - if ( ( ($pass eq 0) && ($port eq 80) ) || ( ($pass) || ($forceSSL) ) ) {
30 -
31 - $OUT .= "\n";
32 - $OUT .= " #------------------------------------------------------------\n";
33 - $OUT .= " # $key repository directory ($properties{'Description'})\n";
34 - $OUT .= " # Some error(s) occurred:\n$error" if ($error);
35 - $OUT .= " #------------------------------------------------------------\n";
36 -
37 - my $allowOverride = $properties{'AllowOverride'} || "None";
38 + my $allowOverride = $properties{'AllowOverride'} || "None";
39
40 - my $usersRead;
41 - my @listRead;
42 + my $usersRead;
43 + my $groupsRead = '';
44 + my @listRead;
45
46 - if ($properties{'GroupsRead'}) {
47 + if ($properties{'GroupsRead'}) {
48
49 - my @groupsRead = split (/,/, $properties{'GroupsRead'});
50 + my @groupsRead = split (/,/, $properties{'GroupsRead'});
51
52 - foreach my $groupRead (@groupsRead) {
53 + foreach my $groupRead (@groupsRead) {
54
55 - my $membersRead = $db_accounts->get_prop($groupRead, 'Members') || "";
56 + my $membersRead = $db_accounts->get_prop($groupRead, 'Members') || "";
57
58 - if (length($membersRead) > 0) {
59 + if (length($membersRead) > 0) {
60
61 - push @listRead, split (/,/, $membersRead);
62 + push @listRead, split (/,/, $membersRead);
63
64 - }
65 -
66 }
67 -
68 +
69 }
70
71 - if ($properties{'UsersRead'}) {
72 + }
73
74 - push @listRead, split (/,/, $properties{'UsersRead'});
75 + if ($properties{'UsersRead'}) {
76
77 - }
78 + push @listRead, split (/,/, $properties{'UsersRead'});
79
80 - if (@listRead > 1) {
81 + }
82
83 - @listRead = sort(@listRead);
84 + if (@listRead > 1) {
85
86 - }
87 + @listRead = sort(@listRead);
88
89 - my $prevRead = '';
90 - @listRead = grep($_ ne $prevRead && (($prevRead) = $_), @listRead);
91 + }
92
93 - $usersRead = join(" ", @listRead) || '';
94 + my $prevRead = '';
95 + @listRead = grep($_ ne $prevRead && (($prevRead) = $_), @listRead);
96
97 - undef @listRead;
98 + $usersRead = join(" ", @listRead) || '';
99
100 - my $usersWrite;
101 - my @listWrite;
102 + undef @listRead;
103
104 - if ($properties{'GroupsWrite'}) {
105 + my $usersWrite;
106 + my $groupsWrite = '';
107 + my @listWrite;
108
109 - my @groupsWrite = split (/,/, $properties{'GroupsWrite'});
110 + if ($properties{'GroupsWrite'}) {
111
112 - foreach my $groupWrite (@groupsWrite) {
113 + my @groupsWrite = split (/,/, $properties{'GroupsWrite'});
114
115 - my $membersWrite = $db_accounts->get_prop($groupWrite, 'Members') || "";
116 + foreach my $groupWrite (@groupsWrite) {
117
118 - if (length($membersWrite) > 0) {
119 + my $membersWrite = $db_accounts->get_prop($groupWrite, 'Members') || "";
120
121 - push @listWrite, split (/,/, $membersWrite);
122 + if (length($membersWrite) > 0) {
123
124 - }
125 + push @listWrite, split (/,/, $membersWrite);
126
127 }
128
129 }
130
131 - if ($properties{'UsersWrite'}) {
132 + }
133
134 - push @listWrite, split (/,/, $properties{'UsersWrite'});
135 + if ($properties{'UsersWrite'}) {
136
137 - }
138 + push @listWrite, split (/,/, $properties{'UsersWrite'});
139
140 - if (@listWrite > 1) {
141 + }
142
143 - @listWrite = sort(@listWrite);
144 + if (@listWrite > 1) {
145
146 - }
147 + @listWrite = sort(@listWrite);
148
149 - my $prevWrite = '';
150 - @listWrite = grep($_ ne $prevWrite && (($prevWrite) = $_), @listWrite);
151 + }
152
153 - $usersWrite = join(" ", @listWrite) || '';
154 + my $prevWrite = '';
155 + @listWrite = grep($_ ne $prevWrite && (($prevWrite) = $_), @listWrite);
156
157 - undef @listWrite;
158 + $usersWrite = join(" ", @listWrite) || '';
159
160 - # Only when authentification is required or SSL is forced
161 - if ( ($pass) || ($forceSSL) ) {
162 -
163 - # Enable RewriteRule only when neccesarry:
164 - # - when we are configureing the VirtualDomain for a non-secured port
165 - # - when module for SSL is loaded
166 - # - when plaintext passwords are not allowed
167 - # - when HTTP over SSL is forced
168 - if ( ($port ne "443") && ($haveSSL eq 'yes') && ( ($plainTextAccess ne 'yes') || ($forceSSL) ) ) {
169 -
170 - $OUT .= "\n";
171 - $OUT .= " RewriteEngine on\n";
172 - $OUT .= " RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)\n";
173 - $OUT .= " RewriteRule .* - [F]\n";
174 - $OUT .= "\n";
175 - $OUT .= " RewriteRule ^/$key(/.*|\$) https://%{HTTP_HOST}/$key\$1 [L,R]\n";
176 + undef @listWrite;
177
178 - }
179 + $OUT .= "\n";
180 + $OUT .= " #------------------------------------------------------------\n";
181 + $OUT .= " # $key repository directory ($properties{'Description'})\n";
182 + $OUT .= " #------------------------------------------------------------\n\n";
183
184 - # Enable authentification only when required and SSL is provided
185 - if ( ($pass) && ($port eq "443") ) {
186 + # port = 80 &&
187 + # forceSSL = yes || pass = 1
188 + # groupsWrite ne "" &&
189 + # groupsRead || usersRead
190 + # groupsRead && usersRead
191 + # usersWrite ne "" &&
192 + # groupsRead || usersRead
193 + # groupsRead && usersRead
194 +
195 + if ( ($port eq 80) && ( ($forceSSL eq 'yes') || ($pass eq 1) || ($groupsRead ne "") || ($usersRead ne "") || ( ($groupsRead ne "") && ($usersRead ne "") ) ) ){
196 +
197 + $OUT .= " # Redirecting: Only access over SSL allowed\n";
198 + $OUT .= " RewriteEngine on\n";
199 + $OUT .= " RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)\n";
200 + $OUT .= " RewriteRule .* - [F]\n";
201 + $OUT .= " RewriteRule ^/$key(/.*|\$) https://%{HTTP_HOST}/$key\$1 [L,R]\n\n";
202 +
203 + } else {
204 +
205 + if ( ( ($port eq 80) && ($forceSSL ne 'yes') && ($pass ne 1) ) || ($port eq 443) ) {
206 +
207 + if ($port eq 443) {
208
209 - $OUT .= "\n";
210 $OUT .= " AddExternalAuth pwauth /usr/lib/httpd/modules/pwauth\n";
211 - $OUT .= " SetExternalAuthMethod pwauth pipe\n";
212 + $OUT .= " SetExternalAuthMethod pwauth pipe\n\n";
213
214 }
215 -
216 - }
217
218 - $OUT .= "\n";
219 - $OUT .= " <Location /$key>\n";
220 + $OUT .= " <Location /$key>\n\n";
221
222 - $OUT .= "\n";
223 - $OUT .= " DAV svn\n";
224 - $OUT .= " SVNPath /home/e-smith/files/repositories/$key\n";
225 -
226 - $OUT .= "\n";
227 - $OUT .= " SVNAutoVersioning $SVNAutoVersioning\n";
228 - $OUT .= " ModMimeUsePathInfo $ModMimeUsePathInfo\n";
229 -
230 - $OUT .= "\n";
231 - $OUT .= " Options None\n";
232 - $OUT .= " AllowOverride $allowOverride\n";
233 - $OUT .= " order deny,allow\n";
234 - $OUT .= " deny from all\n";
235 -
236 - # Only allow when really allowed:
237 - # - a secure connection is available and authentification is required
238 - # - authentification is not required and no SSL is forced
239 - # - a secure connection is unavailable
240 - if ( ($port eq "443") || ( ($pass eq 0) && ($forceSSL eq 0) ) || ($haveSSL ne 'yes') ) {
241 + $OUT .= " DAV svn\n";
242 + $OUT .= " SVNPath /home/e-smith/files/repositories/$key\n\n";
243
244 - $OUT .= " allow from $allow\n";
245 + $OUT .= " SVNAutoVersioning $SVNAutoVersioning\n\n";
246 + $OUT .= " ModMimeUsePathInfo $ModMimeUsePathInfo\n\n";
247
248 - # Enable authentification against the SME Server users and groups when required
249 - if ($pass) {
250 + if ( ($port eq 443) && ( ($forceSSL eq 'yes') || ($pass eq 1) ) && ($groupsWrite ne "") || ($usersWrite ne "") || ($groupsRead ne "") || ($usersRead ne "") ) {
251
252 - $OUT .= "\n";
253 $OUT .= " AuthName \"$properties{'Description'}\"\n";
254 $OUT .= " AuthType Basic\n";
255 - $OUT .= " AuthExternal pwauth\n";
256 + $OUT .= " AuthExternal pwauth\n\n";
257
258 + }
259
260 - if ($usersRead) {
261 + $OUT .= " # Read access:\n";
262 + $OUT .= " # Anonymous access\n" unless ( ($groupsRead ne "") || ($usersRead ne "") );
263 + $OUT .= " # Group(s): " . ($groupsRead || "none") . "\n" unless ($groupsRead eq "");
264 + $OUT .= " # User(s) : " . ($usersRead || "none") . "\n" unless ($usersRead eq "");
265
266 - $OUT .= " <Limit GET PROPFIND OPTIONS REPORT>\n";
267 - $OUT .= " Require user $usersRead\n";
268 - $OUT .= " </Limit>\n";
269 +# $OUT .= " <LimitExcept GET PROPFIND OPTIONS REPORT>\n";
270 + $OUT .= " <Limit GET PROPFIND OPTIONS REPORT>\n";
271
272 - }
273 + $OUT .= " order deny,allow\n";
274 + $OUT .= " deny from all\n";
275
276 - if ($groupsRead) {
277 + if ( ( ($groupsRead eq "") && ($usersRead eq "") ) || ( ( ($groupsRead ne "") || ($usersRead ne "") ) && ($port eq 443) ) ) {
278
279 - $OUT .= " <Limit GET PROPFIND OPTIONS REPORT>\n";
280 - $OUT .= " Require group $groupsRead\n";
281 - $OUT .= " </Limit>\n";
282 + $OUT .= " allow from $allow\n";
283 + $OUT .= " Require group $groupsRead\n" unless ($groupsRead eq "");
284 + $OUT .= " Require user $usersRead\n" unless ($usersRead eq "");
285
286 - }
287 + } else {
288
289 - if ($usersWrite) {
290 + $OUT .= " # Denying access:\n";
291 + $OUT .= " # User authentication required this requires SSL\n";
292
293 - $OUT .= " <LimitExcept GET PROPFIND OPTIONS REPORT>\n";
294 - $OUT .= " Require user $usersWrite\n";
295 - $OUT .= " </LimitExcept>\n";
296 + }
297
298 - }
299 + $OUT .= " Satisfy $satisfy\n";
300 +# $OUT .= " </LimitExcept>\n\n";
301 + $OUT .= " </Limit>\n\n";
302 +
303 + $OUT .= " # Full access:\n";
304 + $OUT .= " # Anonymous access\n" unless ( ($groupsWrite ne "") || ($usersWrite ne "") );
305 + $OUT .= " # Group(s): " . ($groupsWrite || "none") . "\n" unless ($groupsWrite eq "");
306 + $OUT .= " # User(s) : " . ($usersWrite || "none") . "\n" unless ($usersWrite eq "");
307 +
308 +# $OUT .= " <Limit GET PROPFIND OPTIONS REPORT>\n";
309 + $OUT .= " <LimitExcept GET PROPFIND OPTIONS REPORT>\n";
310 +
311 + $OUT .= " order deny,allow\n";
312 + $OUT .= " deny from all\n";
313 +
314 + if (
315 + ( ($port eq 443) &&
316 + (
317 + ( ($groupsRead eq "") && ($usersRead eq "") ) ||
318 + ( ($groupsWrite eq "") || ($usersWrite eq "") ) && ( ($groupsRead eq "") && ($usersRead eq "") ) ||
319 + ( ($usersRead ne "") && ( ($groupsWrite ne "") || ($usersWrite ne "") || ( ($groupsWrite ne "") && ($usersWrite ne "") ) ) ) ||
320 + ( ($groupsRead ne "") && ( ($groupsWrite ne "") || ($usersWrite ne "") || ( ($groupsWrite ne "") && ($usersWrite ne "") ) ) )
321 + )
322 + ) || (
323 + ($port eq 80) &&
324 + ( ($groupsWrite eq "") && ($usersWrite eq "") && ($groupsRead eq "") && ($usersRead eq "") )
325 + )
326 + ) {
327 +
328 + $OUT .= " allow from $allow\n";
329 + $OUT .= " Require group $groupsWrite\n" unless ($groupsWrite eq "");
330 + $OUT .= " Require user $usersWrite\n" unless ($usersWrite eq "");
331 +
332 + } else {
333 +
334 + $OUT .= " # Denying access:\n";
335
336 - if ($groupsWrite) {
337 + if ( ($groupsRead ne "") || ($usersRead ne "") || ( ($groupsRead ne "") && ($usersRead ne "") ) ) {
338
339 - $OUT .= " <LimitExcept GET PROPFIND OPTIONS REPORT>\n";
340 - $OUT .= " Require group $groupsWrite\n";
341 - $OUT .= " </LimitExcept>\n";
342 + $OUT .= " # Read authentication required, no anonymous write access allowed\n";
343
344 - }
345 + } else {
346
347 - $OUT .= " require valid-user\n" if ( ($usersRead eq '') && ($groupsRead eq '') && ($usersWrite eq '') && ($groupsWrite eq '') );
348 - $OUT .= " Satisfy $satisfy\n";
349 + $OUT .= " # SSL required, no access allowed without.\n";
350 + }
351
352 }
353
354 - }
355 + $OUT .= " Satisfy $satisfy\n";
356 +# $OUT .= " </Limit>\n\n";
357 + $OUT .= " </LimitExcept>\n\n";
358 +
359 +# $OUT .= " Satisfy $satisfy\n\n";
360 +# $OUT .= " Satisfy any\n\n";
361
362 - $OUT .= "\n";
363 - $OUT .= " </Location>\n";
364 + $OUT .= " </Location>\n\n";
365 +
366 + }
367
368 }
369

admin@koozali.org
ViewVC Help
Powered by ViewVC 1.2.1 RSS 2.0 feed