Branko Čibej wrote on Thu, 26 Aug 2021 08:11 +00:00: > On 25.08.2021 21:01, Mark Phippard wrote: > > Solving with svn auth is a nice idea but I do not see it working > > unless we have a way to authenticate for write access without writing > > something. > > There isn't in general, since authz can complicate matters. And there > isn't currently, we don't have server-side support for that. I'm not > even sure we could add a server-side method for this check, since the > check for write access can be done entirely outside of Subversion. "svn > authz write-check $url" sounds plausible until you consider all the > various possible authn/authz checking combinations.
I don't see the problem. What's implausible about writing an RA API that authenticates the client, takes a path and an "is recursive?" bit, and returns the result of «svnauthz accessof» on that path? That's basically what the revprop edit codepath will do in the default configuration (with the pre- hook not existing).
