tags:

views:

117

answers:

1

We have an existing Subversion repository that uses LDAP to manage users/passwords. There are some new users who we would like to provide read-only access to SVN. I did some Google searches and found a way to open up read-only access to anonymous users, but this is not what we want. We do not want to open up SVN to everyone. We still want to control login through LDAP, but we would like to prevent certain named users from being able to add/edit/delete.

I am assuming this can be done with a hook (pre-commit?), but I have no experience writing hooks. Can someone show me or point me to an example of how to do this?

A: 

I use an LDAP setup with config similar to:

in /etc/apache2/sites-enabled/mysite

<Location /svn>
  DAV svn
  SVNParentPath /var/svn
  SVNListParentPath on
  AuthBasicProvider ldap
  AuthType Basic
  AuthzLDAPAuthoritative Off
  AuthzSVNAccessFile "/var/svn/conf/svnaccess.conf"
  AuthName "My SVN"
  AuthLDAPBindDN "....."
  AuthLDAPBindPassword "....."
  AuthLDAPURL "....."
  Require valid-user
</Location>

/var/svn/conf/svnaccess.conf

[groups]
readonly = user1, user2

[/]
*=rw
@readonly=r
Reuben Mallaby