How can I use the show log feature without setting [/] * = r (reads to everyone/everything).
I have a couple of groups in my authz file. It Looks like this:
[groups]
Profs = dave,bruno,franck
Team1 = 1036091,1036103,1036087
Team2 = 1016059,1016077
[/GSS]
@Team1 = rw
[/Booking]
@Team2 = rw
[/]
@Profs = rw
When I add
[/]
* = r
in the file, the show log feature works. But that gives access to everyone on all the repositories.
This related question has not been answered.
I experienced exactly the same problem. Googling did not provide with a solution, but after some experiments I found 2 solutions for this: One Work-Around and one great solution.
Work-Around: Add [/] * = r to the authz file (and may be * = r to you application folder in the authz file also). Try a showlog with Tortoise and may be some compare methods in Tortoise. Remove the above lines from authz file and try agin. Tortoise somehow caches that and it seems to work
Great solution: Add these lines to the svnserve.conf file:
anon-access = none
auth-access = write
After that it worked as expected. Seems like the solution to me.
Good luck!
The svn authz file (configuration file for mod_authz_svn which provides this Path-based authorization feature) can only setup read-only (r) or read-write (rw) access modes.
Thus, there is no possibility to grant access for particular operation as it is quite obvious that for svn log operation you need to have read access which in its turn will allow checkout, info, etc
However, there is a solution from WANdisco which allows to build a shield around svn server with really advanced Access Control management. There you can find that there is a special permission called list which grants access specifically for log, info and ls svn commands.