Re: [Monotone-devel] server issues / write persmissions
From: Timothy Brownawell
Subject: Re: [Monotone-devel] server issues / write persmissions
Date: Mon, 05 Jun 2006 06:49:33 -0500

On Sun, 2006-06-04 at 17:14 +0200, Benoît Dejean wrote:
> Hey, I'm running a 0.26 server like this :
>
> $MTN --db=$DB serve 'fr.placenet*'
>
> with read-permissions :
> comment "Placenet Fr"
> pattern "fr.placenet*"
> allow "address@hidden"
> allow "address@hidden"
> allow "address@hidden"
>
> and write-permissions :
>
> address@hidden
> address@hidden
> address@hidden
>
>
> I'm totally lost because this afternoon user address@hidden was
> able to push 'cyp.stage' on the server ... How can that be ? How can I
> restrict a server to deal only with 'fr.placenet*' ? What's the point in
> allowing people to push whatever branches they want but without being
> able to pull them later ?
>
> log says :
> mtn: allowed 'address@hidden' read permission for 'cyp.stage'
> excluding ''
> mtn: allowed 'address@hidden' write permission for 'cyp.stage'
> excluding ''

Write permissions really are anything-or-nothing.

It denies permission if what they want to sync includes a branch that
you already have, that either doesn't match what's being served or that
they aren't allowed to read.

In this case, their include pattern ("cyp.stage") didn't match anything
on your server, so it had no reason to say "no, you can't look at
that" (since there wasn't anything to look at). In particular, netsync
does not see cyp.stage as a branch name, it sees it as a pattern to
match branches against. Since the server doesn't have any branches that
match this pattern, it doesn't have anything to prohibit the client from
reading.

They won't be able to sync that branch again, since sync is r/w and
they're not allowed to read that branch. They also won't be able to push
it again, but this is more because read permissions are always checked
(even if they're doing write-only), which IMHO is a bug.

Tim
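
The check described in the reply above, as a small Python model added here for illustration; it is not monotone's code and not part of the original message. The key names are constructed, and the `fnmatch` glob matching and all function names are assumptions standing in for netsync's own pattern handling.

```python
from fnmatch import fnmatchcase

SERVED = "fr.placenet*"  # pattern given to `mtn serve` in the thread
# Constructed keys; the archive shows every real one as "address@hidden".
READ_ALLOW = {"fr.placenet*": {"alice@example.org", "bob@example.org"}}
WRITE_ALLOW = {"alice@example.org", "bob@example.org"}


def can_read(key, branch):
    """True if a read-permissions stanza matching the branch allows the key."""
    return any(fnmatchcase(branch, pattern) and key in keys
               for pattern, keys in READ_ALLOW.items())


def push_allowed(key, include, server_branches):
    """Model of the decision as the reply describes it (hypothetical helper)."""
    if key not in WRITE_ALLOW:
        return False  # write permission is anything-or-nothing
    # The include is a pattern and is only compared with branches the
    # server already has; a name that matches nothing gives no reason to deny.
    for branch in server_branches:
        if not fnmatchcase(branch, include):
            continue
        if not fnmatchcase(branch, SERVED) or not can_read(key, branch):
            return False
    return True


def unserved_branches(server_branches):
    """Audit helper: branches in the database outside the served pattern."""
    return sorted(b for b in server_branches if not fnmatchcase(b, SERVED))


if __name__ == "__main__":
    branches = {"fr.placenet.site"}  # constructed server state
    print(push_allowed("alice@example.org", "cyp.stage", branches))  # first push
    branches.add("cyp.stage")        # the branch now exists on the server
    print(push_allowed("alice@example.org", "cyp.stage", branches))  # second push
    print(unserved_branches(branches))
```

The first call passes because nothing on the server matches the include pattern; the second fails because the branch now exists and falls outside the served pattern, which is the "won't be able to push it again" case from the reply.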