Yves Martin wrote:
> I have first thought to use also "Location" block to protect access to
> each root but the current URL pattern does not suit my needs:
> https://server.mydomain/cgi-bin/viewvc.cgi/path/in/repo/?root=repo
>
> Another need in my case: prevent users to gain access to the repository
> listing.
>
> Is it possible to setup such access control with current version ?
>
> For such a need - prevent full read access to everyone thanks to
> "Location" - I propose to refactor URL to get "repo" in the URL path:
> https://server.mydomain/cgi-bin/viewvc.cgi/repo/path/in/repo/
>
> What do you think about this idea ?
I think it's a fantastic idea! So much so that I wrote this very feature
for ViewVC a few years ago, and it's already present in your ViewVC 1.0.4
release. :-)
See the root_as_url_component option in viewvc.conf. Toggling that option
to a non-zero value will cause ViewVC to generate URLs exactly as you
recommended. This will facilitate using Location blocks to do per-repos
auth protection.
As for blocking the repository listing, you could just edit lib/viewvc.py,
and tweak the function view_roots() to throw an exception:
def view_roots(request):
+ raise debug.ViewVCException('Access denied', '501 Not Authorized')
data = common_template_data(request)
request.server.header()
generate_page(request, "roots", data)
But the root listing also appears in a drop-down box in the template set, so
you'll also want to tweak templates/include/header.ezt so that it no longer
thinks there are any roots to list:
...
<body>
<div class="vc_navheader">
+[define roots][end]
[if-any roots]
<form method="get" action="[change_root_action]">
[end]
...
--
C. Michael Pilato <cmpilato@xxxxxxxxxx>
CollabNet <> www.collab.net <> Distributed Development On Demand
signature.asc
Description: OpenPGP digital signature
|
| 
