Christian your input finally solved it However not as you intended. The problem was/is that the *name* of the permission policy was changed from "AuthzPolicy" to "AuthSourcePolicy". No wonder that that users now have global Browse permissions since svn_authz.py was never triggered. Such a name change should be marked in BIG RED LETTERS in the release notes since there should be lots of system not being aware of this change and suddenly opening up ALL their protected repos for browsing.
Also I could only find the mention of AuthzSourcePolicy here http://trac.edgewall.org/wiki/TracDev/ApiChanges/0.12#Authz and there is no (obvious) mention that this used to be AuthzPolicy as such. Maybe this could be improved :) @Remy, so in the end one needs to give the user BROWSER_VIEW, etc. in order to be able to browse the source. This can not be done (yet?) via FineGrainedPermissions Thanks again for the help, /HeX On 4 Aug, 10:19, Christian Boos <cb...@neuf.fr> wrote: > Isn't that simply a problem with the ordering of policies? > What is your "[trac] permission_policies" setting? > Does it help to put AuthzSourcePolicy first? > > -- Christian -- You received this message because you are subscribed to the Google Groups "Trac Development" group. To post to this group, send email to trac-...@googlegroups.com. To unsubscribe from this group, send email to trac-dev+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/trac-dev?hl=en.
