Yes, the current solution is only suitable if you're fine with public
visibility of paths and log messages (the actual data is of course not
accessible).
> I then proceeded to write some code to fix this problem and support
> per-directory access for the logs, that correlates with actual
> repository access, assuming per-directory controls exists. It
> basically consists of reading in and parsing the appropriate
> mod_authz_svn access file, getting the authenticated user from
> $_SERVER['REMOTE_USER'], and checking whether, according to the read
> access file, that user is allowed to view the specified target.
>
> Was simply wondering if you would like me to contribute this code, as
> I certainly found a need for it, and I expect others who use per-
> directory access will to.
Yes. Contributions are always welcome. You can post patches to this
list or ask me for write access to the svn sources.
We have used $_SERVER['REMOTE_USER'] in some applications (not Repos
Style). A problem that I know of is that browsers handle same-host
paths differently: sometimes users can login to repo/project/trunk/
and the credentials will be sent automatically at repos-web/open/log,
sometimes users have to log in again.
/Staffan
/Staffan
On Mon, Jun 16, 2008 at 4:37 PM, Kazar <monkey...@gmail.com> wrote:
>
> Ok, it's just a seperate file with two functions in it - what's your
> preference, do you want all the code in log.php, or are you ok with an
> include?
>
Include is good.
/Staffan