What should happen when a username matches multiple lines in an authz file? The svnbook states that the first matching line applies:
[groups] paint-developers = frank, sally, jane [paint:/projects/paint] jane = r @paint-developers = rw Another important fact is that the first matching rule is the one which gets applied to a user. In the prior example, even though Jane is a member of the paint-developers group (which has read/write access), the jane = r rule will be discovered and matched before the group rule, thus denying Jane write access. That's not what happens when I try it. I've stepped through in the debugger and all lines that match get considered and the resulting authz is the combination of all the permissions. In the above example jane will have read/write access. Even simple authz files behave this way: [/] philip = * = r The book implies that philip would be denied access but when I try it read access is allowed. Is this a book bug or a Subversion bug? If it's a Subversion bug can we fix it? Do admins want this behaviour? Can we change the behaviour of existing authz files? I suppose we could introduce a some sort of directive to control the matching behaviour: [directives] match = first -- Philip
