'=?utf-8?q?=5BSubversion_Wiki=5D_Update_of_=22AuthzImprovements=22_by_bran?= =?utf-8?q?e?='

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       subversion-commits
Subject:    =?utf-8?q?=5BSubversion_Wiki=5D_Update_of_=22AuthzImprovements=22_by_bran?= =?utf-8?q?e?=
From:       Apache subversion Wiki <commits () subversion ! apache ! org>
Date:       2014-07-31 2:59:50
Message-ID: 20140731025950.94780.1138 () eos ! apache ! org
[Download RAW message or body]

Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Subversion Wiki" for change \
notification.

The "AuthzImprovements" page has been changed by brane:
https://wiki.apache.org/subversion/AuthzImprovements?action=diff&rev1=2&rev2=3

   never matches a '/' except for the case of "/**/" where it matches
   one to many full segments.
  
+ {{{#!wiki caution
+ '''Missing definitions:'''
+ 
+ This doc does not provide an unambiguous definition of the pattern syntax.
+  * Does `foo*` match "foo"? If it does, does a single `*` match 0-or-1 segment, or \
is it an exception? +  * Is `/**/foo` hungry (i.e., does it match the longest subpath \
that ends in "foo", or the first path segment that starts with "foo")? +  * Does `**` \
match 0-or-more or 1-or-more segments? +  * What about wildcard escaping in patterns? \
Our current authz rules allow matching literal "*". + 
+ — Brane}}}
+ 
  
  == Terminology ==
  
@@ -77, +88 @@

   * Parsing an authz file (from file system or repository)
   yields a consolidated hash (additive sections being combined
   automatically) of it contents in svn_config_t.
+ 
+ {{{#!wiki caution 
+ This is the current behaviour of the authz files, but only because we happen to use \
an `svn_config_t` to represent a parsed authz files. I suggest we should constrain \
the semantics for authz rules: +  * No rule may appear more than once in the authz \
file. +  * Value placeholders (`%(name)s`) are not expanded.
+ 
+ This implies writing a different constructor for the in-memory authz structure, but \
is consistent with the intent, if not the current semantics, of the authz files. + 
+ — Brane}}}
  
   * Filtered path rule tree
    * prefix tree with one node per segment
@@ -136, +156 @@

  	rights    : none | r | w | rw
  }}}
  
+ {{{#!wiki caution
+ '''Correction:'''
+ 
+ There is no such thing as write-only access in our authz model. Access rights can \
be only `none`, `r` or `rw`. This needs to be fixed throughout this doc. + 
+ — Brane}}}
+ 
  ==== Lookup state ====
  {{{
  lookup-state :=
@@ -150, +177 @@

  == Algorithms ==
  
  === Normalization ===
+ 
+ {{{#!wiki caution
+ '''Wildcard semantics?'''
+ 
+ These normalisations are only valid if one assumes a certain set of semantics for \
wildcards, but we do not define these semantics anywhere; see initial comment in this \
doc. + 
+ — Brane}}}
  
  Wildcard sequences in paths in rule sets shall be normalized.
  This is merely done to reduce matching costs later on.


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic