#6701 Integrate allura authorization with Git/SVN(over HTTP)

v1.2.0
closed
nobody
sf-4 (350)
General
Cory Johns
2015-08-20
2013-09-21
Anonymous
No

Originally created by: rferreira-itav

Right now allura can set permissions for access to code repositories, but they are only applied when cloning repositories over ssh (because of fuse/accessfs). It would be nice if the same was also possible when Git/SVN are accessed over HTTP.

In our deployment we run Git(git-http-backend) SVN(Apache mod_svn), and we created an access handler for apache to handle Git and SVN requests, authenticating against LDAP, and checking permissions against the /repo_permissions/ web service.

I'm attaching the access handler script, with a Git config example inside. The SVN settings should be similar.

A few missing pieces:
- Unlike accessfs.py there is no caching yet
- Unfortunately I know nothing about Mercurial over HTTP so I never added support for it :S

Hopefully this is useful to someone out there

1 Attachments

Related

Tickets: #5424
Tickets: #7134
Tickets: #7287

Discussion

  • Dave Brondsema

    Dave Brondsema - 2013-09-23
    • status: open --> code-review
     
  • Dave Brondsema

    Dave Brondsema - 2013-11-06
    • QA: Dave Brondsema
     
  • Dave Brondsema

    Dave Brondsema - 2013-12-05

    I am working on [#5424] so that there's a place to explain how to use this script.

     

    Related

    Tickets: #5424

  • Dave Brondsema

    Dave Brondsema - 2014-03-07
    • Size: --> 4
    • Milestone: limbo --> forge-mar-21
     
  • Cory Johns

    Cory Johns - 2014-03-18
    • QA: Dave Brondsema --> Cory Johns
     
  • Cory Johns

    Cory Johns - 2014-03-19

    cj/6701

    I refactored the handler and converted it to POST to a (configurable) login URL for auth (e.g., /auth/do_login). The idea being that it use Allura to verify the auth, so that whatever auth method Allura is configured to use gets used automatically by the SCM.

     
  • Cory Johns

    Cory Johns - 2014-03-20
    • status: code-review --> closed
     
  • Dave Brondsema

    Dave Brondsema - 2014-03-20

    Did we get docs/scm_host.rst updated for these changes too?

     
  • Dave Brondsema

    Dave Brondsema - 2015-01-05
    • Milestone: unreleased --> asf_release_1.2.0
     

Log in to post a comment.