| ID: |
6174
|
Fixed in: |
|
| Issue Date: |
2011-05-19 06:43 AEST
|
Owner: | CVS Support
|
| Last Modified: | 2011-05-19 05:54 AEST | Reporter: | Arthur Barrett
|
| Current Est. | 0.0 hours
| % Complete: | 0.0
|
| Status: | NEW /
|
Severity: | normal
|
| Affected: | 2.8.01
|
| Description: | ACL Merge Permissions
|
|
Actions:
|
2011-05-19 06:43 AEST by Arthur Barrett - ACL merge permissions for promotion level seem wrong.
I have:
Directory: EM
Owner: cvsadmin
user=cvs_dev,branch=HEAD
read
write
create
user=cvs_promote,branch=P_DEV,merge=HEAD
read
write
create
user=cvs_promote,branch=P_STG,merge=P_DEV
read
write
create
I can merge OK:
C:\junk\P_STG\CLESWEB>cvs up -j P_DEV -B 12345
? views/aaa.log
? views/aaa.txt
cvsnt server: Updating .
cvsnt server: User ipassing is unable to read from /Makefile.inc on branch/tag P
_STG
cvsnt server: User ipassing is unable to read from /Makefile.mak on branch/tag P
_STG
cvsnt server: Updating functions
cvsnt server: Updating packages
cvsnt server: Updating procedures
cvsnt server: Updating rollforward
cvsnt server: Updating sequences
cvsnt server: Updating tables
cvsnt server: Updating triggers
cvsnt server: Updating views
RCS file: /estee/EM/CLESWEB/views/CLESWEB.USER_ADDRESS_VW.FEW,v
retrieving revision 1.2
retrieving revision 1.2.4.1
Merging differences between 1.2 and 1.2.4.1 into CLESWEB.USER_ADDRESS_VW.FEW
But I can't commit due to lack of a write permission.
C:\junk\P_STG\CLESWEB>cvs ci -B 12345 -m "promoted to STAGE"
cvs commit: Examining .
cvs commit: Examining functions
cvs commit: Examining packages
cvs commit: Examining procedures
cvs commit: Examining rollforward
cvs commit: Examining sequences
cvs commit: Examining tables
cvs commit: Examining triggers
cvs commit: Examining views
? views/aaa.txt
? views/aaa.log
cvsnt server: User ipassing is unable to write to views/views/CLESWEB.USER_ADDRE
SS_VW.FEW on branch/tag P_STG - ignoring
U CVSROOT/build_make.sh
Build/Make Ignoring
I really DO HAVE write permission, provided that the change is a merge.
If I grant my group write access on the branch, then it stops the promote ACL
failing (because it's a catch all allow). And besides that would allow me to
make changes that are NOT merged from the previous level.
15:39:01: S -> verify_acl(write,P_STG,(null))
Ideally this should be sending the merge tag... The entries.extra knows the
mergepoint, but that doesn't definitively tell us the merge tag... |
|
|
2011-05-19 06:54 AEST by Arthur Barrett - Workaround:
cvs rlsacl
Directory: <root>
Owner: <not set>
user=cvs_dev,branch=HEAD
read
write
create
user=cvs_promote,branch=P_DEV,merge=P_PROD
write(deny)
user=cvs_promote,branch=P_DEV,merge=P_STG
write(deny)
user=cvs_promote,branch=P_DEV
read
write
create
user=cvs_promote,branch=P_PROD,merge=HEAD
write(deny)
user=cvs_promote,branch=P_PROD,merge=P_DEV
user=cvs_promote,branch=P_PROD
read
write
create
user=cvs_promote,branch=P_STG,merge=HEAD
write(deny)
user=cvs_promote,branch=P_STG,merge=P_PROD
write(deny)
user=cvs_promote,branch=P_STG
read
write
create
user=cvs_dev
read
user=cvsadmin
all
user=cvsuser
read
write
create
|
|