Trouble with restricting read access to hgweb (deny_read, allow_read)
E. Wing
ewmailing at gmail.com
Fri Nov 14 08:15:28 UTC 2008
Thanks for the reply.
>> The allow_push seems to successfully prevent myuser2 from pushing. But
>> nothing seems to prevent myuser2 from reading/cloning/pulling.
>>
>> Can somebody tell me what I'm doing wrong?
>
> There are no options named allow_read and deny_read (:
So the page I've been reading has those two keywords:
http://www.selenic.com/mercurial/hgrc.5.html
Do they apply to something else or is the documentation wrong?
> You should define in an Apache config which users can read
> your repo at all, and in a hgrc config which of them cannot push.
>
> See http://httpd.apache.org/docs/2.2/mod/core.html#require
>
> Have not tried but an Apache config may be something like this:
> AuthUserFile /home/yourusername/etc/hg-basic-auth
> AuthName "HG Repositories"
> AuthType Basic
> <Limit GET HEAD>
> Require user myuser1
> </Limit>
> <Limit POST PUT>
> Require valid-user
> </Limit>
So my problem is that I have multiple projects where one user may have
full access to one, but not the other.
For example, myuser1 might get read and write access to ProjectA, and
myuser2 gets read and write access to ProjectB. But each user does not
get access to the other project (neither read nor write). But maybe
myuser3 would have access to all projects or maybe just read access or
some other permutation.
Is there a way to reconcile this problem?
Thanks,
Eric
More information about the Mercurial
mailing list