eugene wrote: > But it doesn't solve the problem with users having access to the > projects they should not see. For example, with authz file like this: > > [groups] > project1 = user1,user2 > [/] > superadmin = rw > [/project1] > @project1 = rw > > user1 and user2 can happily browse the entire source tree regardless > of the fact they've been given access only to project1.
I assume you have removed all source-related permissions (BROWSER_VIEW, FILE_VIEW, LOG_VIEW, CHANGESET_VIEW) with trac-admin, and added AuthzSourcePolicy to [trac] permission_policies? > So, can they be restricted somehow only to project1 directory? Well, they should be, and it's working fine here, so either you have hit a bug or still have a configuration issue. Does the authz file have any effect at all? That is, if you set for example: [/] * = Do all your files and directories disappear from the Source Browser? -- Remy
signature.asc
Description: OpenPGP digital signature
