If I go to the code repository and change the permissions for that tool (instead of the whole project) to remove "read" "anonymous" permission, then it works. You're right that it isn't working as expected when anonymous read permission is removed at the project level.
--- ** [tickets:#8163] Possible to svn-checkout read-protected projects** **Status:** open **Milestone:** v1.7.0 **Labels:** permission **Created:** Wed Aug 30, 2017 07:33 PM UTC by Lars Berntzon **Last Updated:** Wed Aug 30, 2017 07:33 PM UTC **Owner:** nobody Hi, it seems to be possible to checkout read-protected projects using svn and http. It seems the json API at http://web:8080/auth/repo_permissions always returns allow_read->OK. Checking in is blocked as it should, but not checkout. You need to know or guess the checkout url for this, browsing to the project is not possible. --- Sent from forge-allura.apache.org because dev@allura.apache.org is subscribed to https://forge-allura.apache.org/p/allura/tickets/ To unsubscribe from further messages, a project admin can change settings at https://forge-allura.apache.org/p/allura/admin/tickets/options. Or, if this is a mailing list, you can unsubscribe from the mailing list.
