Once you have created your SVN repositories, you may also wish to configure permissions to control who has access to your files.
By default, anonymous users are allowed unrestricted read/write access to a new repository without being prompted for a username or password. This is fine for getting started quickly, however in most situations you would probably want to restrict this to only allow access to authorized users.
Users
menu link.Create a New User
.Create
.Subversion Permissions
menu link and select the repository you wish to configure permissions for.edit
link next to the default anonymous user.denied
option, and click Update Rule
.add
button next to the root /
path to add a new rule.Add Rule
to apply the permission.Now, if you attempt to access the repository URL using your web-browser or Subversion client (e.g. TortoiseSVN), you will be prompted for a username and password and must supply the appropriate user credentials to match the configured rules.
On this page it is also possible to assign fine grain control to different paths within the repository. For example, you may wish to only assign read/write permissions for the tags/
directory to one user, and allow read-only access to everyone. This might be done in order to prevent tagged versions of files from being accidentally modified.
Subversion Permissions
menu link and select the repository you wish to configure permissions for.tags/
) and click Add
.add
link, as per the instructions above.Note: Path permissions are cumulative, and in order to allow access for a user to a specific path, it is necessary to ensure that they have access to all the paths above it also. For example, even though you may have assigned permissions to the tags/
path, unless you have also assigned permissions to the root /
then the user will not be able to access any paths under it, and hence be unable to access tags/
either.
In most cases you would normally only restrict access to the entire repository (i.e the root path /
). Its only in specific cases that you would restrict sub-paths (e.g. the tags/
example above), but in doing so you must make sure that the users with access to the sub-path also have access to the parent path.
In addition to assigning permissions to individual users, you can also create Groups of users (e.g. developers, testers, admin, etc), and assign permissions to the group instead. This can simplify the process of managing permissions for a large number of users by avoiding having to assign permission to each User individually.
Note: Groups are identified in the rule list by an @
symbol (e.g. @developers). Likewise, rules can be assigned to *anonymous
to permit or restrict access from unauthenticated users.
You must be logged in to post a comment.