Return-Path: X-Original-To: apmail-subversion-commits-archive@minotaur.apache.org Delivered-To: apmail-subversion-commits-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 34BD799E8 for ; Thu, 12 Apr 2012 22:28:05 +0000 (UTC) Received: (qmail 79178 invoked by uid 500); 12 Apr 2012 22:28:05 -0000 Delivered-To: apmail-subversion-commits-archive@subversion.apache.org Received: (qmail 79142 invoked by uid 500); 12 Apr 2012 22:28:05 -0000 Mailing-List: contact commits-help@subversion.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@subversion.apache.org Delivered-To: mailing list commits@subversion.apache.org Received: (qmail 79135 invoked by uid 99); 12 Apr 2012 22:28:05 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 12 Apr 2012 22:28:05 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.4] (HELO eris.apache.org) (140.211.11.4) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 12 Apr 2012 22:28:01 +0000 Received: from eris.apache.org (localhost [127.0.0.1]) by eris.apache.org (Postfix) with ESMTP id F3E14238897D; Thu, 12 Apr 2012 22:27:39 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: svn commit: r1325559 - in /subversion/branches/inheritable-props/subversion: include/svn_repos.h libsvn_repos/fs-wrap.c mod_dav_svn/reports/inherited-props.c svnserve/serve.c Date: Thu, 12 Apr 2012 22:27:39 -0000 To: commits@subversion.apache.org From: pburba@apache.org X-Mailer: svnmailer-1.0.8-patched Message-Id: <20120412222739.F3E14238897D@eris.apache.org> Author: pburba Date: Thu Apr 12 22:27:39 2012 New Revision: 1325559 URL: http://svn.apache.org/viewvc?rev=1325559&view=rev Log: On the inheritable-props branch: Implement authz checks when retrieving inherited props. * subversion/include/svn_repos.h (svn_repos_fs_get_inherited_props): New. * subversion/libsvn_repos/fs-wrap.c (svn_sorts.h): New include. (svn_repos_fs_get_inherited_props): New, a wrapper around svn_fs_node_proplist2 that checks for authorization to parent paths which a path inherits from. * subversion/mod_dav_svn/reports/inherited-props.c (dav_svn__get_inherited_props_report): Use svn_repos_fs_get_inherited_props in place of svn_fs_node_proplist2. * subversion/svnserve/serve.c (get_props): Use svn_repos_fs_get_inherited_props in place of svn_fs_node_proplist2. (get_file, get_dir, get_inherited_props): Update calls to get_props. Modified: subversion/branches/inheritable-props/subversion/include/svn_repos.h subversion/branches/inheritable-props/subversion/libsvn_repos/fs-wrap.c subversion/branches/inheritable-props/subversion/mod_dav_svn/reports/inherited-props.c subversion/branches/inheritable-props/subversion/svnserve/serve.c Modified: subversion/branches/inheritable-props/subversion/include/svn_repos.h URL: http://svn.apache.org/viewvc/subversion/branches/inheritable-props/subversion/include/svn_repos.h?rev=1325559&r1=1325558&r2=1325559&view=diff ============================================================================== --- subversion/branches/inheritable-props/subversion/include/svn_repos.h (original) +++ subversion/branches/inheritable-props/subversion/include/svn_repos.h Thu Apr 12 22:27:39 2012 @@ -3127,6 +3127,34 @@ svn_repos_check_revision_access(svn_repo void *authz_read_baton, apr_pool_t *pool); +/** + * Set @a *inherited_values to a depth-first ordered array of + * #svn_prop_inherited_item_t * structures (the path_or_url members of which + * are relative filesystem paths) representing the properties inherited by + * @a path at @a revision in @a repos. If no properties are inherited, then + * set @a *inherited_values to an empty array. + * + * If @a revision is #SVN_INVALID_REVNUM, it defaults to youngest. + * + * If optional @a authz_read_func is non-NULL, then use this function + * (along with optional @a authz_read_baton) to check the readability + * of each parent path from which properties are inherited. Silently omit + * properties for unreadable parent paths. + * + * Allocate @a *inherited_props in @a result_pool. Use @a scratch_pool for + * temporary allocations. + * + * @since New in 1.8. + */ +svn_error_t * +svn_repos_fs_get_inherited_props(apr_array_header_t **inherited_props, + svn_repos_t *repos, + const char *path, + svn_revnum_t revision, + svn_repos_authz_func_t authz_read_func, + void *authz_read_baton, + apr_pool_t *result_pool, + apr_pool_t *scratch_pool); /** Capabilities **/ Modified: subversion/branches/inheritable-props/subversion/libsvn_repos/fs-wrap.c URL: http://svn.apache.org/viewvc/subversion/branches/inheritable-props/subversion/libsvn_repos/fs-wrap.c?rev=1325559&r1=1325558&r2=1325559&view=diff ============================================================================== --- subversion/branches/inheritable-props/subversion/libsvn_repos/fs-wrap.c (original) +++ subversion/branches/inheritable-props/subversion/libsvn_repos/fs-wrap.c Thu Apr 12 22:27:39 2012 @@ -31,6 +31,7 @@ #include "svn_props.h" #include "svn_repos.h" #include "svn_time.h" +#include "svn_sorts.h" #include "repos.h" #include "svn_private_config.h" #include "private/svn_repos_private.h" @@ -740,7 +741,42 @@ svn_repos_fs_pack2(svn_repos_t *repos, cancel_func, cancel_baton, pool); } +svn_error_t * +svn_repos_fs_get_inherited_props(apr_array_header_t **inherited_props, + svn_repos_t *repos, + const char *path, + svn_revnum_t revision, + svn_repos_authz_func_t authz_read_func, + void *authz_read_baton, + apr_pool_t *result_pool, + apr_pool_t *scratch_pool) +{ + svn_fs_root_t *root; + int i; + + if (!SVN_IS_VALID_REVNUM(revision)) + SVN_ERR(svn_fs_youngest_rev(&revision, repos->fs, scratch_pool)); + SVN_ERR(svn_fs_revision_root(&root, repos->fs, revision, scratch_pool)); + SVN_ERR(svn_fs_node_proplist2(NULL, inherited_props, root, path, + result_pool, scratch_pool)); + for (i = 0; i < (*inherited_props)->nelts; i++) + { + svn_boolean_t allowed = TRUE; + svn_prop_inherited_item_t *iprop = + APR_ARRAY_IDX(*inherited_props, i, svn_prop_inherited_item_t *); + + if (authz_read_func) + SVN_ERR(authz_read_func(&allowed, root, iprop->path_or_url, + authz_read_baton, scratch_pool)); + if (!allowed) + { + svn_sort__array_delete(*inherited_props, i, 1); + i--; + } + } + return SVN_NO_ERROR; +} /* * vim:ts=4:sw=2:expandtab:tw=80:fo=tcroq Modified: subversion/branches/inheritable-props/subversion/mod_dav_svn/reports/inherited-props.c URL: http://svn.apache.org/viewvc/subversion/branches/inheritable-props/subversion/mod_dav_svn/reports/inherited-props.c?rev=1325559&r1=1325558&r2=1325559&view=diff ============================================================================== --- subversion/branches/inheritable-props/subversion/mod_dav_svn/reports/inherited-props.c (original) +++ subversion/branches/inheritable-props/subversion/mod_dav_svn/reports/inherited-props.c Thu Apr 12 22:27:39 2012 @@ -114,9 +114,11 @@ dav_svn__get_inherited_props_report(cons "couldn't retrieve revision root", resource->pool); - serr = svn_fs_node_proplist2(NULL, &inherited_props, root, path, - resource->pool, iterpool); - + serr = svn_repos_fs_get_inherited_props(&inherited_props, + resource->info->repos->repos, + path, rev, + dav_svn__authz_read_func(&arb), + &arb, resource->pool, iterpool); if (serr) { derr = dav_svn__convert_err(serr, HTTP_BAD_REQUEST, serr->message, Modified: subversion/branches/inheritable-props/subversion/svnserve/serve.c URL: http://svn.apache.org/viewvc/subversion/branches/inheritable-props/subversion/svnserve/serve.c?rev=1325559&r1=1325558&r2=1325559&view=diff ============================================================================== --- subversion/branches/inheritable-props/subversion/svnserve/serve.c (original) +++ subversion/branches/inheritable-props/subversion/svnserve/serve.c Thu Apr 12 22:27:39 2012 @@ -962,24 +962,30 @@ static svn_error_t *write_lock(svn_ra_sv } /* ### This really belongs in libsvn_repos. */ -/* Get the properties and/or inherited properties for a PATH in ROOT, with - hardcoded committed-info values. */ +/* Get the explicit properties and/or inherited properties for a PATH in + ROOT, with hardcoded committed-info values. */ static svn_error_t * get_props(apr_hash_t **props, apr_array_header_t **iprops, + server_baton_t *b, svn_fs_root_t *root, const char *path, apr_pool_t *pool) { - /* Get the properties. */ - SVN_ERR(svn_fs_node_proplist2(props, iprops, root, path, pool, pool)); - + /* Get the explicit properties. */ if (props) { svn_string_t *str; svn_revnum_t crev; const char *cdate, *cauthor, *uuid; + /* Yes, we could grab the inherited properties here too, but while we + already know the user has read access to PATH, we don't know that + the same holds true for PATH's parents, so we call + svn_repos_fs_get_inherited_props below, which performs the necessary + authz checks. */ + SVN_ERR(svn_fs_node_proplist2(props, NULL, root, path, pool, pool)); + /* Hardcode the values for the committed revision, date, and author. */ SVN_ERR(svn_repos_get_committed_info(&crev, &cdate, &cauthor, root, path, pool)); @@ -1000,6 +1006,13 @@ get_props(apr_hash_t **props, apr_hash_set(*props, SVN_PROP_ENTRY_UUID, APR_HASH_KEY_STRING, str); } + /* Get any inherited properties the user is authorized to. */ + if (iprops) + SVN_ERR(svn_repos_fs_get_inherited_props( + iprops, b->repos, path, + svn_fs_revision_root_revision(root), + authz_check_access_cb_func(b), b, pool, pool)); + return SVN_NO_ERROR; } @@ -1435,7 +1448,8 @@ static svn_error_t *get_file(svn_ra_svn_ full_path, TRUE, pool)); hex_digest = svn_checksum_to_cstring_display(checksum, pool); if (want_props || wants_inherited_props) - SVN_CMD_ERR(get_props(&props, &inherited_props, root, full_path, pool)); + SVN_CMD_ERR(get_props(&props, &inherited_props, b, root, full_path, + pool)); if (want_contents) SVN_CMD_ERR(svn_fs_file_contents(&contents, root, full_path, pool)); @@ -1576,7 +1590,8 @@ static svn_error_t *get_dir(svn_ra_svn_c /* Fetch the directory's explicit and/or inherited properties if requested. */ if (want_props || wants_inherited_props) - SVN_CMD_ERR(get_props(&props, &inherited_props, root, full_path, pool)); + SVN_CMD_ERR(get_props(&props, &inherited_props, b, root, full_path, + pool)); /* Begin response ... */ SVN_ERR(svn_ra_svn_write_tuple(conn, pool, "w(r(!", "success", rev)); @@ -2942,7 +2957,7 @@ get_inherited_props(svn_ra_svn_conn_t *c /* Fetch the properties and a stream for the contents. */ SVN_CMD_ERR(svn_fs_revision_root(&root, b->fs, rev, pool)); - SVN_CMD_ERR(get_props(NULL, &inherited_props, root, full_path, pool)); + SVN_CMD_ERR(get_props(NULL, &inherited_props, b, root, full_path, pool)); /* Send successful command response with revision and props. */ SVN_ERR(svn_ra_svn_write_tuple(conn, pool, "w(!", "success"));