ACLs and Web Interfaces
Jeff Abbott
fdiv_bug at sniping.org
Tue Mar 4 20:56:06 GMT 2008
Bazaarers,

I'm sorry to keep beating this drum, but I'm really trying to find a way
we can make Bazaar fit my group's DRCS needs. I think it's a better
tool than Mercurial, and is built on a better design, and I'll take good
design over speed almost any day of the week.

I've realized a way that we can leverage file system ACLs to offer
fine-grained access control to the users without having to grant a whole
bunch of people SSH access to the central Bazaar server. Basically,
we've got a very well-supported AFS cell, and if we used that as our
centralized, main storage location we could finely control who could
read and write to different locations, as well as to whom we delegated
the rights to determine their repository tree's locations. Then they
could access the repositories locally on any machine that's an AFS
client, or via bzr+ssh to any machine that's an AFS client and has bzr
installed. But that doesn't solve the problem of the web interface.

Something that Mercurial's hgweb supports is the ability to tell it "all
my repos live below here" with the [collections] section in the hgweb
config. hgweb walks that file system path and finds any repos it can,
and presents them to the user if it can access that location with the
credentials it's running under. Usually, when running with mod_python
in Apache, that's the apache user, but if you add mod_auth_kerb into the
equation to authenticate users to the Kerberos realm, and mod_waklog to
run CGI and mod_python scripts with the Kerberos-authenticated user's
credentials, hgweb will only show them the repositories in AFS that they
can read.

I've tried bzr-webserve and loggerhead (running under mod_python rather
than as a separate daemon, which is slooooooow), but neither of them seems
to support something like the [collections] section of hgweb's config,
nor do they effectively evaluate whether or not they can read from a
given repository path before showing it to a user. I could probably add
such functionality to bzr-webserve if need be, but I wanted to know
whether or not the Bazaar community had any other ideas.

I like Bazaar more than Mercurial, but it seems that for our niche
Mercurial already does what we want. I'd really like to be certain that
there aren't any better solutions for Bazaar before throwing in this
towel to Mercurial. Thoughts? Questions? Flames? :-)

Thanks,
Jeff
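The behaviour the post asks for from a Bazaar web front end (walk a "collections" root, find repositories, and show a user only those the running credentials can actually read) can be sketched in a few dozen lines. The following is an added example written for this thread; it is not code from Bazaar, loggerhead, bzr-webserve or hgweb. It assumes a repository is any directory containing a `.bzr` or `.hg` control directory, that readability is decided with `os.access()` on the repo and its control directory (on an AFS client that reflects the directory ACL for the process's tokens, which is an assumption here), and it accepts an injectable `can_read` predicate so the decision can be swapped for a site-specific ACL check. The sample tree, `make_sample_collection()` and `deny_private()` are constructed for demonstration only.

```python
"""Walk a collections root and list only the repositories the current
credentials can read, in the spirit of hgweb's [collections] section.

Added example for this thread; not code from Bazaar, loggerhead,
bzr-webserve or hgweb. Repository detection and readability rules are
assumptions made for the example.
"""
import os
import tempfile

# Assumption: a directory is a repository if it holds one of these.
REPO_MARKERS = (".bzr", ".hg")
_RX = os.R_OK | os.X_OK   # need to list (R) and traverse (X) a directory


def is_repo(path):
    """True if `path` contains a control directory from REPO_MARKERS."""
    return any(os.path.isdir(os.path.join(path, m)) for m in REPO_MARKERS)


def can_read_repo(path):
    """Default readability check: the process must be able to list and
    traverse the repo directory and its control directory."""
    if not os.access(path, _RX):
        return False
    for m in REPO_MARKERS:
        ctl = os.path.join(path, m)
        if os.path.isdir(ctl):
            return os.access(ctl, _RX)
    return False


def find_readable_repos(root, can_read=can_read_repo):
    """Return sorted repository paths (relative to `root`) for which
    `can_read` is true. Repos that fail the check are skipped silently,
    so the listing reveals nothing about trees the user cannot open.
    Does not descend into a repository once one is found."""
    found = []
    for dirpath, dirnames, _ in os.walk(root):
        if is_repo(dirpath):
            dirnames[:] = []           # do not recurse into a repo
            if can_read(dirpath):
                found.append(os.path.relpath(dirpath, root))
            continue
        # Prune subdirectories we cannot traverse: os.walk then neither
        # raises on them nor lists the names of their children.
        dirnames[:] = [d for d in dirnames
                       if os.access(os.path.join(dirpath, d), _RX)]
    return sorted(found)


def make_sample_collection():
    """Build a constructed collection tree in a temp dir: two ordinary
    repos, one repo named 'private', and one plain directory."""
    root = tempfile.mkdtemp(prefix="collection-")
    for rel in ("proj-a/.bzr", "team/proj-b/.hg",
                "team/private/.bzr", "notes"):
        os.makedirs(os.path.join(root, rel))
    return root


def deny_private(path):
    """Constructed stand-in for an ACL decision: a repo directory named
    'private' is treated as unreadable, on top of the filesystem check."""
    return os.path.basename(path) != "private" and can_read_repo(path)


if __name__ == "__main__":
    root = make_sample_collection()
    print("readable by this process:", find_readable_repos(root))
    print("with 'private' denied:   ", find_readable_repos(root, deny_private))
```

Run as a script it prints the two listings for the constructed tree; the injectable predicate is the point, since a front end running under mod_waklog-obtained tokens would use the plain `os.access()` path, while one running as the Apache user with a separate authorization source would pass in a predicate that consults that source instead.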