NAME

SVN::Access - Perl extension to manipulate SVN Access files

SYNOPSIS

use SVN::Access;
my $acl = SVN::Access->new(acl_file   =>  '/usr/local/svn/conf/my_first_dot_com.conf');

# add a group to the config
$acl->add_group('stooges', qw/larry curly moe shemp/);

# write out the acl (thanks Gil)
$acl->write_acl;

# give the stooges commit access to the production version of 
# our prized intellectual property, the free car giver-awayer.. 
# (thats how we get users to the site.)
$acl->add_resource(
    # resource path
    '/free_car_giver_awayer/branches/prod_1.21-sammy_hagar',

    # permissions
    '@stooges' => 'rw',
);

$acl->write_pretty; # with the equals signs all lined up.

DESCRIPTION

SVN::Access includes both an object oriented interface for manipulating SVN access files (AuthzSVNAccessFile files), as well as a command line interface to that object oriented programming interface (svnaclmgr.pl) in the examples/ directory.

METHODS

new

the constructor, takes key / value pairs. only one is required.. in fact only one is used right now. acl_file.

Example:

my $acl = SVN::Access->new(acl_file   =>  '/path/to/my/acl.conf');
add_resource

adds a resource to the current acl object structure. note: the changes are only to the object structure in memory, and one must call the write_acl method, or the write_pretty method to commit them.

Example:

$acl->add_resource('/',
  rick    =>  'rw',
  steve   =>  'rw',
  gibb    =>  'r',
);
remove_resource

removes a resource from the current acl object structure. as with add_resource these changes are only to the object structure in memory, and must be commited with a write_ method.

Example:

$acl->remove_resource('/');
resources

returns an array of resource objects, takes no arguments.

Example:

for($acl->resources) {
    print $_->name . "\n";
}
resource

resolves a resource name to its SVN::Access::Resource object.

Example:

my $resource = $acl->resource('/');
add_group

adds a group to the current acl object structure. these changes are only to the object structure in memory, and must be written out with write_acl or write_pretty.

Example:

$acl->add_group('stooges', 'larry', 'curly', 'moe', 'shemp');
remove_group

removes a group from the current acl object structure. these changes are only to the object structure in memory, and must be written out with write_acl or write_pretty.

Example:

$acl->remove_group('stooges');
groups

returns an array of group objects, takes no arguments.

Example:

for($acl->groups) {
    print $_->name . "\n";
}
group

resolves a group name to its SVN::Access::Group object.

Example:

$acl->group('pants_wearers')->add_member('ralph');
write_acl

takes no arguments, writes out the current acl object structure to the acl_file specified in the constructor.

Example:

$acl->write_acl;
write_pretty

the same as write_acl, but does it with extra whitespace to line things up.

Example:

$acl->write_pretty;
verify_acl

does a pre-flight check of the acl, and returns any errors found delimited by new lines. this routine is called by write_acl and write_pretty, where these errors will be considered fatal. be sure to either call this before $acl->write_*, OR use eval { } to capture the return of verify_acl into $@.

Example:

if (my $error = $acl->verify_acl) {
  print "Problem found in your ACL: $error\n";
} else {
  $acl->write_acl;
}
add_alias

adds an alias to [aliases], takes 2 arguments: the alias name and the aliased user.

Example: $acl->add_alias('mikey', 'uid=mgregorowicz,ou=people,dc=mg2,dc=org');

remove_alias

removes an alias by name, takes the alias name as an argument.

Example: $acl->remove_alias('mikey');

alias

returns the value of an alias, uses exists() first so it will not autovivify the key in the hash.

Example: print $acl->alias('mikey') . "\n";

aliases

returns a hashref that contains the aliases. editing this hashref will edit the data inside the $acl object.

Example: foreach my $alias (keys %{$acl->aliases}) { print "$alias: " . $acl->aliases->{$alias} . "\n"; }

resolve

Returns a fully resolved list of users part of the given groups and/or aliases. Groups must be specified with a leading "@" and aliases with a leading "&", all else will be returned verbatim. This recurses through all definitions to get actual user names (so groups within groups will be handled properly).

SEE ALSO

subversion (http://subversion.tigris.org/), SVN::ACL, svnserve.conf

AUTHOR

Michael Gregorowicz, <mike@mg2.org>

COPYRIGHT AND LICENSE

Copyright (C) 2012 by Michael Gregorowicz

This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself, either Perl version 5.8.8 or, at your option, any later version of Perl 5 you may have available.